 |
Every company has unique information security requirements
that are dependent on their industry, size, and market focus.
InfoDefense has developed several packages that have been
designed to address these specific needs. As with all of InfoDefense's
services, these packages were created to provide cost-effective
information risk management. While our regulatory compliance
packages assist companies is addressing their legal obligations,
our small business packages help small companies incorporate
cost-effective information security into their business. Below
is a specific description of each package.
|
Regulatory Compliance - The Health Insurance Portability and Accountability
Act (HIPAA), Gramm-Leach-Bliley
Act (GLBA), Sarbanes-Oxley Act require companies
to identify risks to specific information and employ
reasonable controls to mitigate them. InfoDefense
has developed its regulatory compliance packages
to assist companies in meeting their information
security legal requirements. Contact us to learn
more about InfoDefense regulatory compliance packages.
|
Enterprise Information Assurance - Many companies
have implemented some information security point
solutions such as firewalls, virus protection or
encryption systems, but have neglected others such
as policy, employee security training or assessments
which are often more cost-effective and ultimately
required for a comprehensive information assurance
program. In response, InfoDefense created the Enterprise
Information Assurance Package which is designed
to augment existing controls to create a comprehensive
infomation security program for effective risk mitigation. Click here for more
information on InfoDefense
Enterprise Information Assurance.
|
|
Small Business Information Protection - Considering
all of the challenges small companies face, information
security is one area that should be easy. In response
to requests from small companies for value-based
information protection, InfoDefense has developed
several small business information protection packages
that were designed to be cost-effective and easy to implement.
Contact us for more information on InfoDefense
small business packages.
|
|
Independent Information Security Audit -
InfoDefense developed the annual information security
audit package for companies who require annual independent
audits of their information security controls. Unlike
our other services, the annual information security
audit package is designed to stand alone and by
its nature cannot be combined with any additional
services. Contact us for more information on the
InfoDefense Annual Information Security Audit package.
|
|
Managed Internet Security - For most organizations,
their Internet connection is the most frequent point
of information compromise. InfoDefense has developed
several Managed Internet Security packages to address
this problem. Contact us to learn more about InfoDefense
managed Internet Security.
|
|
Computer Incident Response - The best time
find a company that can provide the experts you
need to address a computer incident is before it
happens. InfoDefense developed the Computer Incident
Response package to help companies develop incident
response plans and to make the necessary experts
available to minimize damages
in the event of a computer incident. Contact us
for more information about the Computer Incident
Response package.
|
|
|
|
 |
Active Defense: a case for outsourcing information
security
Information security threats are increasing exponentially
each year. According to the CERT® Coordination Center,
the number of reported computer security incidents has
roughly doubled each year since they began tracking
them in 1988. In 2000 there were 21,756 incidents compared
to a staggering 76,404 incidents reported just during
the first half of 2003.
Effective information security is an ongoing process
requiring continual risk assessment and monitoring.
It is also a very complex discipline requiring a high
degree of training to become proficient. As a result,
Information security professionals typically earn upwards
of $80,000 per year. More experienced professionals
can earn as much as $150,000 per year. When you consider
the cost of staffing a security monitoring center around
the clock, security operations can become prohibitively
expensive. As a result, most organizations cannot justify
the expense of full-time information security experts
and 24/7 security monitoring operations.
In most cases, managed security service providers are
able to deliver more comprehensive service at a lower
cost. They are able to spread the cost of resident experts
and 24 hour monitoring across many customers. Thus,
offering an exceptional value. Because security is most
often an MSSP's sole focus, their client's receive higher
levels of service than they normally would be able to
deliver internally. When you crunch the numbers, outsourcing
certain information security functions can offer a substantial
cost savings.
|
 |
|
|