 |
The threats associated with doing business using computer
systems are growing each year. Most companies have employed
security technologies to counter these threats, but are still
experiencing compromises. Though these point solutions contribute
to securing your enterprise, truly effective information security
contains elements of planning and policy, operational procedure,
education and quality control as well. InfoDefense has created
the Enterprise Information Assurance suite to effectively
augment your company's existing information security countermeasures
to create a comprehensive security strategy. It consists of
the following:
Ongoing Information Security Services
The goal of information security is to prevent breaches in system confidentiality, integrity and availability. Our Enterprise Information Assurance suite consists of the following services to proactively mitigate the risk of these types of compromises.
Security
Planning and Policy Review
o Strategic Security Plan
o Incident Response Plan with Annual Updates
o Annual Information Security Policy Review and Augmentation
Quality Assurance
o Annual Information Security Assessments with Quarterly Follow-up
o Monthly Network Enclave Vulnerability Assessments
o Quarterly Internal Network Vulnerability Assessments
Security Training and
Awareness
o Information Security Training (for Network Administrators)
o Employee Security Awareness
Computer Incident Response and Forensics
Whether it is an enterprise wide computer virus outbreak, a system penetration or some other type of computer incident that disrupts your business, the team responding to the incident needs to be efficient, accurate and effective. Considering the cost associated with every minute of downtime, there is little tolerance for trial and error. InfoDefense offers the information security industry's most seasoned experts to work closely with your organization's system administrators in responding to and investigating computer related incidents. We provide the responsive information security services below as part of the Enterprise Information Assurance suite.
Incident Response
o Incident Containment
o System Resumption Assistance
o Corrective Countermeasures and Procedural Augmentation
Computer Forensics
o Evidence Collection, Analysis and Storage
o Law Enforcement Liaison
o Expert Witness
Pricing
Hiring information security experts who can effectively
perform the services we offer as part of the Enterprise
Information Assurance suite would cost a minimum
of several hundred thousand dollars per year.
The Enterprise Information Assurance suite is designed
to be cost-effective and easily budgeted. It is
priced on a "per seat" basis. Packages can be customized
to meet your company's specific requirements. At
a per seat price of about a dollar a day (for companies
with over 100 employees), we offer an exceptional
value for your investment. Contact us today to learn
more about how we can help you protect your company's
critical information assets.
|
| |
|
|
|
 |
Active Defense: a case for outsourcing information
security
Information security threats are increasing exponentially
each year. According to the CERT® Coordination Center,
the number of reported computer security incidents has
roughly doubled each year since they began tracking
them in 1988. In 2000 there were 21,756 incidents compared
to a staggering 76,404 incidents reported just during
the first half of 2003.
Effective information security is an ongoing process
requiring continual risk assessment and monitoring.
It is also a very complex discipline requiring a high
degree of training to become proficient. As a result,
Information security professionals typically earn upwards
of $80,000 per year. More experienced professionals
can earn as much as $150,000 per year. When you consider
the cost of staffing a security monitoring center around
the clock, security operations can become prohibitively
expensive. As a result, most organizations cannot justify
the expense of full-time information security experts
and 24/7 security monitoring operations.
In most cases, managed security service providers are
able to deliver more comprehensive service at a lower
cost. They are able to spread the cost of resident experts
and 24 hour monitoring across many customers. Thus,
offering an exceptional value. Because security is most
often an MSSP's sole focus, their client's receive higher
levels of service than they normally would be able to
deliver internally. When you crunch the numbers, outsourcing
certain information security functions can offer a substantial
cost savings.
|
 |
|
|