How we help

PLANNING

Discover the business pain points and priorities through workshops with teams, review of policies and procedures and targeted audits.

HEALTH CHECK

Sample system configurations and historical data sets to confirm level of security readiness.

DESIGN

Develop security solutions to address identified gaps while focusing on delivering the target business outcomes and ensuring its impact is understood and acceptable.

TESTING

We provide security penetration testing service for network infrastructure, web servers and software applications. Our service goes the extra step by providing an interpretation of the results in terms of ROI (Return on Investment) measured against the investment in appropriate security controls.

DIPAM

Our team works with your teams to analyse your IT environment through asset discovery and process mapping, in order to understand the information flows which might be vulnerable to attack.

Based on the results of the discovery process, we identify and catalogue valuable information sets, infrastructure elements, business applications and associated stakeholders both internal and external to your organisation.

We then work with your teams to design and deploy protection infrastructure and operational processes appropriate for the protection of the identified assets.

We also ensure the deployed protection regime offers effective and user-friendly access to the protected assets with granular control and sufficient logging to support meaningful forensic analysis and recovery after an attack.

Our design ensures the deployed protection mechanism can be effectively monitored by your monitoring system and integrated with your incidence handling processes.

POLICY FRAMEWORK

Policy is a collection of human thoughts. It is a human language and a building block in the decision making process. It is often expressed as high level business statements such as “enable intimate customer engagement” and “improve business agility”. Complex technology decisions are, naturally, made based on our personal policy frameworks as depicted in the diagram below:
People-Policy-Technology methodology

However it can be difficult to explain our “policy frameworks” to others. Such frustration is often expressed as “IT doesn’t listen” or “users don’t care”. Just think for minute how often couples with different upbringings, resulting in different “frames of mind”, argue about education for their children while both wanting the very best for them.

Today business teams are often as technology savvy as the IT team with a deep understanding of the power of a data driven business model. As a result, they have high expectations of the benefits delivered from digital transformation and are explicit in their expression of their requirements.

On the other hand IT teams are coming under increasing pressure to reduce costs and satisfy regulatory burdens. Moreover the IT environment is becoming increasing complex with high expectations for speedy delivery. Also infrastructure and application deployment demand intensive capital investment and time to develop and deploy. IT infrastructure policy requires a medium to long term horizon to meet the fluctuating demands of the business.

Our team are expert in facilitating open minded discussion between teams and aligning their “policy frameworks” to develop a consensus on security solution designs and delivery.