Information Security Policy and
Standard Reviews
Once a security assessment has been performed the next step is to
evaluate your companies present Policies and Standards. It is
important
- Policy and Standard Review of the Network, System or
Application.
- User and Group Management
- Backup and Restore Policy
- Change Policy
- Disaster Recovery Policy
- Intrusion Detection Policy
- Audit Log Policy
- Documentation
- Technical Security Review
- Network, System and Application controls
- User and Administrative Controls
- Authentication and Authorization
- Auditing Controls
- Access controls
While Information Risk Group is willing to look only at the
technical controls of a specific application or system; we
encourage
our customers to always review the security of the entire system in
conjunction with the application. The application and system are
bound together each directly affecting the security of the overall
system.
Outlined below is a partial list of products Information Risk Group is
prepared to assess:
- Network Operating Systems
- Windows NT4.0
- Windows 2000
- Windows XP
- Netware 3x, 4, 5, 6
- UNIX - Solaris, AIX, HPUX, Linux
- Databases
- Oracle
- Sybase
- Microsoft SQL Server
|
- Networks
- Cisco Routers & Switches
- General Design of DMZ, Extranet and Internet
Connectivity
- Firewalls
- Cisco PIX
- Raptor
- Checkpoint
|
Please contact us if you have any questions on this or any other
service we offer.
Information Risk Group LLC
3220 Henderson Blvd.
Tampa, FL 33609
E-mail: inforisk@inforiskgroup.com
Information Risk Group offering information security and risk
management services to companies throughout the Americas.
|
