Security is the most dynamic and challenging area within the IT industry. As providers of information security advice and solutions we understand the threats which exist from malicious attacks, phishing and pharming, insider threats and man in the middle attacks, as well as from accidental loss or internal controls failures.
The threat to organistions’ information security has never been higher
Corporate information and data security strategy should protect data against threat, both internal and external, from known and unknown sources. Sadly, this is not always the case and data is stolen, lost or hacked. Accidental loss or malicious attack both need to be mitigated and managed and today’s IT managers and Chief Executives alike need to be “infosec savvy”. The cost of not being so are financially high, the Information Commissioner can levy fines of £500, 000 per incident. The reputational damage a data breach can generate is probably even more significant.
Xpertex consultants use their wealth of experience in delivering secure infrastructure solutions to customers in all industry sectors. Our people have a proven track record in designing and delivering secure network solutions, locked-down client/server infrastructure components (such as GAP and SSLF) and protective monitoring (auditing) solutions. Because we understand how it all fits together from top to bottom, we understand where weaknesses can occur.
We work with HM government accreditors, IT Security Officers and information assurance bodies to keep on top of the threat horizon. We also work with our alliance partners to see how they are implementing counter-measures and monitoring capabilities to help defend our clients’ network and data assets. We have provided our clients with a range of advice and assurance including the following:
- CESG Listed Advisor Scheme services (CLAS)
- Penetration testing
- Risk management accreditation (including physical, electronic and human factors)
- Firewall tuning and management
- Data movement and treatment plans
- Product and vendor selection and implementation (anti-virus, audit, monitoring)
- Design and implementation of Virtual Private Networks (VPNs)
