IT Security. Securing Your Business Investments

Transcription

1 Securing Your Business Investments IT Security NCS GROUP OFFICES Australia Bahrain China Hong Kong SAR India Korea Malaysia Philippines Singapore Sri Lanka

2 Securing Your Business Investments! Information Technology (IT) is an integral part of today s businesses. With increased online usage within and beyond the organisation in an increasingly networked environment, IT security has become a top concern of business managers today. Unsecured servers have caused companies to lose millions of dollars and affect productivity; corrupted networks, as well as external intrusions via Trojan horses or other new forms of blended virus attacks have caused countless business disruptions. Furthermore, web defacements, thefts and manipulations of data have resulted in severe negative publicities for corporations. Your best line of defence is as good as your weakest link IT security today extends beyond organisations boundaries to include business partners, customers and even the public-at-large. This is especially so as electronic transactions become regular activities with transactional feature a common tool in e- commerce portals. It is essential to understand the risks, and ensure your investments are assessed, protected and managed. Protect your organisation against security threats. Define comprehensive security policies. Build robust and resilient security measures to safeguard and ensure the reliability, confidentiality and integrity of your information assets. You can do all these when you leverage on NCS IT Security Service. You ll be assured of : Over 20 years of experience in providing IT security consulting, infrastructure solutions and outsourcing services; A strong pool of certified specialists with CISSP (Certified Information Systems Security Professional) and CISA (Certified Information Systems Auditor) accreditations; Our extensive experience in managing IT security for both the public and private sectors. With NCS IT Security Services to protect your business investments, you ll be assured peace of mind We provide a holistic approach to security management for your business. Notes: 1. CISSP is a registered certification mark and (ISC)2 is a trademark of International Information Systems Security Certification Consortium, Inc. 2. NCS is the corporate affiliate of International Information System Security Certification Consortium (ISC)2 to host the CISSP examinations and CBK review seminar.

3 Consult and Train NCS offers a wide range of security consultancy and training services to help our customers deal with the new challenges in the IT security arena. Our strategic services include risk assessment, security review, policy development, standards and planning, recommendation and implementation of security solutions, as well as security awareness training for all levels of staff. We have one of the largest numbers of CISSP in Singapore, and many of our staff are also CISA qualified. Our dedicated professionals strive to provide you with peace of mind in safeguarding your business investments. Risk Assessment We help our clients identify system risks and their potential impacts on the business through a 5-step process: a. Identify main information assets and assess security requirements b. Identify possible threats to the information assets c. Identify likelihood of these threats and vulnerabilities d. Assess the impact as a result of these risks to the systems e. Manage the risks by selecting appropriate costeffective control measures Security Review and Audit Using a series of interviews with relevant staff, site surveys and system checks, we review the site or enterprise for compliance with prevailing IT security policies, standards and guidelines. Recommendations on appropriate measures and compensating controls will then be made to eradicate risks posed by noncompliance. Firewall and Web Security Review By providing firewall and web security review services, we ensure the security of the administration and management of the firewall and web, as well as the appropriateness of the policies and rules, configuration, logging and alerting mechanisms, monitoring and application of the security patches. Penetration Testing Through a suite of scanning tools, we offer vulnerability scanning services which provide snapshots of the vulnerability of a network/ server, from internal and external sources. Penetration tests will then be conducted to verify the threats and vulnerabilities in the operating systems, applications, connectivity and others. Policies, Standards and Methodologies We help organisations draw up policies, standards and methodologies to enable them to achieve a competitive level of IT security. Training Well thought-out security policies require the cooperation of trained and informed users. We specialize in conducting IT security workshops and seminars for end-users, managers, system administrators and more. Our courses include CBK Review Seminars, IT Security Best Practices, IT Audit and Control Essentials, Risk Assessment and Firewall Administration. Being a corporate affiliate of (ISC)2, we are proud to host the CISSP examinations. To date, a pool of over 500 IT security professionals in Singapore has gone through the accreditation process. CISSP and CISA certified professionals Over 20 years of industry experience Public and private sector practices

4 Protect With the right strategic policies formulated to protect your vital assets, our next step will be to implement the security policies that best meet our customers needs. No security solution is complete without protecting the following critical aspects: Integrated Architecture Firewalls and Other Network Perimeter Security The continued management of the firewall rules in relation to the changing needs of the organisation is critical to ensure the overall security of the network. We offer our clients a suite of services to manage the entire life cycle of the firewalls and related security services. These include installation, configuration, maintenance and continual auditing and review of the firewalls and their rule-base. Virtual Private Network Infrastructure We help clients with remote or multiple sites to effectively extend their network beyond physical boundaries. Our Virtual Private Network Infrastructure solutions provide secure logical links among these sites. Public Key Infrastructure Our Public Key Infrastructure (PKI) systems specialists have vast experience in implementing practical PKI solutions. Some examples include the enterprise PKI Certificate Authority, or the use of external Certificate Authorities to provide digital certificates to PKI-enabled applications. Content Intrusion Detection We assist our clients in the installation of the Intrusion Detection systems, and the monitoring of networks and hosts for any signs of an attack or unusual behaviour. This allows appropriate counter-measures to be taken before a serious security breach occurs, minimizing damages. Anti-Virus and Content Security We provide enterprise-wide anti-virus gateway solutions that are centrally managed, reducing the dependence on individual scanning activities. We also offer content-filtering solutions which are capable of filtering and quarantining online traffic that could potentially contain viruses, based on certain content keywords and other objects. Access Authentication We configure and integrate authentication solutions which enable our clients to identify their users positively. These include enhanced versions (using end-to-end encryption) of the well-known UserID and password combination, or two-factor authentication using hardware tokens and smartcards. Identity Management Identity management and single sign-on systems are able to provide a centralised view of the users and their access across multiple sub-systems. Our solutions encompass multi-layered authentication and authorisation services from a central security and management perspective. Encryption and Smart Cards The design of the encryption protocol and the management of the encryption keys are critical to safeguard the overall security of your information. Our application-based encryption solutions ensure that your critical information remains secure across servers. Our consultation and implementation capabilities result in a holistic approach, creating maximum security for your critical information. Desktop We provide desktop security solutions encompassing access control, encryption, patch management and personal firewall to secure access to your desktop, protect your data from disclosure and theft, resolve system vulnerabilities and block malicious activities. Our solutions also facilitate the enforcement of corporate policies at your desktops, hence ensuring that they are secured wherever they may be and that they do not pose a threat to your organisation. Application With consistent security being required across multiple layers of applications and product solutions, our application security specialists have the capability to help you with integrating various security components at the application layer. This ensures that authentication, confidentiality, integrity and even non-repudiation requirements are met consistently across your applications and infrastructure.

5 Manage Outsource the management and monitoring of your security infrastructure. Our 24x7 remote and onsite management services enable your organisation to focus on the core business, leaving the management of the security infrastructure in our safe hands. The ICT-Utility-On-Tap which we have successfully developed for the Singapore Biopolis tenants is a testimonial of our capabilities in offering secured managed services. By protecting your connectivity services with comprehensive managed firewall services and VPN, we ensure secure data services and reliable business connectivity to both local and overseas organisations. IT Security Life Cycle Our comprehensive approach of Consult, Train, Protect and Manage ensures that we work closely with our clients from start till end of their IT security life cycle. Consult & Train Risk Assessment Security Review and Audit Firewall and Web Security Review Penetration Testing Policies, Standards and Methodologies Training Protect Integrated Architecture Firewalls and Other Network Perimeter Security Virtual Private Network Infrastructure Public Key Infrastructure Content Intrusion Detection Anti-Virus and Content Security Access Authentication Identity Management Encryption & Smart Cards Desktop Access Control Encryption Patch Management Personal Firewall Application Overall Integration of Security Components at Application Layer Manage 24x7 Remote and Onsite Management Services Incident Response Firewall and Perimeter Security Virtual Private Network Infrastructure Intrusion Detection Anti-Virus and Content Security Authentication These solutions and services are offered by NCS Communications Engineering Pte. Ltd. (NCS Comms Engg), a wholly-owned subsidiary of NCS Pte.Ltd.. The company provides infrastructure, communications and engineering solutions to customers in the Asia Pacific region.

6 NCS Group is a leading information technology (IT) and communications engineering services provider with about 4,000 staff located in 10 countries across the Asia Pacific and Middle East regions. NCS has in-depth domain knowledge and unique delivery capabilities which focus on defining, realising and sustaining Business Value for its Customers via the innovative use of technology. With proven expertise in consulting, development, systems integration, outsourcing, infrastructure management and solutions, gained while serving government and commercial organisations across the region, NCS delivers end-to-end support for every organisation s technology needs. NCS is headquartered in Singapore and is a wholly-owned subsidiary of the SingTel Group. what you can do Contact NCS at reachus@ncs.com.sg today! Discover how you can effectively engage NCS, and leverage on our proven solutions, expertise, experience, methodologies and partnerships for business advantage and real value. The company, product names, images and pictures displayed are protected under copyright laws and owned by their respective owners. Reg. No G. Copyright 2007 NCS Pte. Ltd. All Rights Reserved MB making IT happen NCS GROUP 5 Ang Mo Kio Street 62, NCS Hub, Singapore Tel: (65) Fax: (65) reachus@ncs.com.sg Website : A member of the SingTel Group