Security Posture Assessment(SPA) Headquarters: Ofisgate Sdn Bhd (610820-A), 2-15 Jalan Jalil Perkasa 13 Aked Esplanad, Bukit Jalil, 57000 Kuala Lumpur, Malaysia Regional Office: Ofisgate (s) Pte Ltd, 205B Thompson Road, Goldhill Centre, Singapore
Understand Your Current Security State Understanding your organization s security state and identifying vulnerabilities is the first step toward protecting the confidentiality, integrity and availability of critical data. It is also an important component for achieving regulatory compliance. Protection of Information Access Protection of Information Reliability Protection of Information Availability Protection of Information Integrity SPA to secure ICT Assets
Understand Your Current Security State Your organization may be vulnerable to attack from the outside or the inside if you remain unaware of security issues, simply ignore them or don t sufficiently manage them. An attack may take down your network or lead to the theft of sensitive data customer information, employee information or intellectual property. The ensuing loss of public trust or the failure to comply with regulations could result in severe financial repercussions. A major security breach could also cause irrevocable damage to your organization s reputation. IMPACT SOLUTION To effectively protect your organization, you first need to evaluate where you stand in relation to industry best practices and regulatory requirements. A gap assessment will help identify the most effective course of action based on your business objectives.
Understand Your Current Security State A ROADMAP TO A MORE SECURE NETWORK Going much deeper than an ordinary assessment, the Internet Security Systems Information Security Assessment provides a comprehensive evaluation of your information security posture. Based on the globally recognized ISO 17799 standard and industry best practices, the assessment by Ofisgate Sdn Bhd security experts will thoroughly document the results and provide you with specific recommendations for mitigating the identified risks and improving overall security posture
Benefits Of the Information Security Assessment Provides a clear understanding of current information security risks Identifies the potential impact of vulnerabilities on your network infrastructure Raises internal awareness of information security risks Enables more informed decision-making and identifies the gaps in organizational security controls, policies and processes Provides a specific, actionable plan to improve overall security posture based on business needs Enables you to proactively address security issues before they are exploited Helps to meet regulatory compliance requirements
SPA Scope of Work This document is intended to show and analyze network security issues to the management and technical staff. The audit report outlines: Network Assessment Host / Server Security Assessment Application and Database Assessment Physical Assessment ICT Security Policy Assessment Penetration Test (Internal & External) Reporting / Recommendation / Presentation Transfer of Technology (ToT) & Hands-On Security Training
Project Timeline Pre Assessment Assessment Post Assessment Project Handover
Pre Assessment Assessment Post Assessment SPA Project Phase Project Planning and initiation Customization of assessment procedures Network Assessment Host/ Server Security Assessment Application and Database Assessment Physical Assessment ICT Security Policy Assessment Penetration Test (Internal & External) Reporting / Recommendation/ Presentation Transfer of Technology (ToT) & Security Hands- On Training
Network Design Audit and Network Parameters Evaluation BTM WAN Network Internal Datacenter Network BTM NOC
Internal and External Network Devices Assessment 1 Firewall 1 AV Admin Server, 2 AV District Hosts and 4 user PCs 1 Content Filtering / IPS Example 1 Core Switch and 2 Access Switches 7 Types 1 Email Security Gateway 3 Routers 3 Wireless Appliances
Host / Server and Desktop Security Assessment Server Farm DMZ 2x Branches User HQ User Example
Application and Database Security Assessment One (1) Portal Five (5) Web Applications Two (2) My SQL Database Two (2) Oracle Database Example
Operating System & Configuration Management 10 Windows Hosts 5 Linux Hosts 3 HQ Users 3 District Users 21 Hosts Example
Physical and Environment Security Audit One (1) Customer a Datacenter One (1) NOC Example
ICT Security Policy Assessment / Review One (1) Customer A ICT Security Policy Example
Internal Penetration Test Server Farm DMZ HQ User 2x District User Example
External Penetration Test One (1) Agency Portal Seven(7) Web Applications One(1) Email 9 Hosts Example
Report Presentation Six (6) Reports Report Presentation Including (1) Executive Summary Report Example
Security Awareness One (1) Security Awareness Session
Training Three (3) Network Security Hands-On Training
Tools Nikto2 MATASANO Flint Firewall Checker
For enquiries about our products, services or to schedule a sales presentation: e: sales_enquiries@ofisgate.com For contact information: OFISGATE SDN BHD (610820-A) 2-15, Jalan Jalil Perkasa 13, Aked Esplanad, Bukit Jalil, 57000 Kuala Lumpur, MALAYSIA. Tel: +603 8994 0778 Fax: +603 8994 0779