|
Security Services
Identity and Access Management (IAM) is likely the fastest
growing area in the IT security industry today. IAM provides larger organizations
with the ability to better manage user access to web sites, applications
and databases. The need for IAM solutions has grown with the increased
use of the Internet to provide external users with access to business applications.
Without appropriate security controls, these applications can potentially
suffer misuse, including unauthorized access and subsequent leakage of
confidential or business-sensitive information. Enter IAM.
Organizations need IAM solutions to meet the security expectations of
their customers and stakeholders – and, equally important, increasingly
strict privacy legislation. Since 2002, Technology North has been assisting
enterprise clients to define, plan and execute Identity and Access Management
projects. We have provided a wide range of resources to these projects
including technical architects, technical analysts, project/program managers,
and business analysts
Technology North's Security Services are a complete range of assessment and hands-on consulting services.
Designed to suit virtually any size of business -- and almost any budget -- our services can meet the needs of companies with both common-place and unique technology platforms.
Included in this work have been assignments to:
define requirements for products to meet IAM needs
develop models and architectures to meet business needs
design of user registration and enrolment solutions
strong authentication research and recommendation development
large-scale application integration project management
outsourced vendor management
TN have experience with Computer Associates Siteminder,
RSA SecurID and ACE Server, IBM Tivoli Identity Manager,
Microsoft Active Directory, and a wide range of operating systems, network
protocols and
firewall solutions. In the IAM space today, we are currently
managing 10 application integration projects, providing project management,
technical
and business analyst support. In addition, we are advising
an enterprise client on the ongoing operations of an outsourced service
that will one
day support over 2,000,000 users.
A Security Review is usually
carried out before we attempt to fix security problems. Our approach
to performing Security Review projects is made up of 5 steps:
- Initial Risk Evaluation – What
information do you need to protect? What hazards and risks is your
IT infrastructure exposed to? What obligations do you have to protect
your information?
- Security Needs Assessment – We
perform a detailed review of the following: Policies
and Procedures, Physical Security, External Access
Security (using Ethical Hacking techniques via the Internet), Internal Network, and Business Applications/Databases.
- Security Trends - Technology North has developed a Security Trends Report that contains up-to-date information on IT security trends. During our review of your security needs, this information is updated and customized for your use.
- Security Recommendations - Once the business needs for security are understood, specific recommendations can be prepared. These are practical, detailed recommendations for implementing new security solutions. An overview implementation plan and cost estimates are also provided.
- Security Policies - In many cases, an operational security policy is needed to ensure that the recommended changes are formally recognized. The policy can also be updated on an ongoing basis and used to keep management and staff informed.
Our approach is summarized by the diagram at right (click on it to enlarge) and in our Flash Multimedia Presentation.
Contact us for more information on how our Security Services can help your company reduce technology risks.
|
 |
|
