| This flexible service can provide you with a network security expert to assist your existing staff. One of our consultants will spend the day with your organization, focusing on your unique security requirements. We can review configurations and suggest alternatives, answer questions, lead discussions of security issues in your organization, and provide presentations on selected topics. |
Network Security Survey
Telecom and Logistics Associates will conduct an analysis of your networking environment and current security posture. We conduct a site inspection, interview your staff, review architecture and configuration documentation, analyze connectivity and access controls, and study security policies, choices and goals in the context of your business needs. The consultants will identify vulnerabilities, and recommend corrections, solutions, and implementation priorities in both documentary and briefing formats.
Security Policy Development
The fundamental goal of an Information Security Policy is to communicate to everyone in the organization the principle that information is a valuable asset of the corporation, and that everyone is responsible - and accountable - for protecting it. The security policy is a visible representation of security considerations, requirements, priorities, assumptions and responsibilities. Our consultants are experienced in assisting organizations in developing, writing, and updating their security policies, and can bring that experience to bear in helping you with your policy development needs.
Security Policy Review
Telecom and Logistics Associates' Policy Review service is intended to provide customers who already have corporate information systems policies in place, with an independent outside review. TLA consultants specialize in policy implications of external connections to corporate information processing resources and data bases. We can examine existing policy statements, assess implementation efforts, identify weaknesses and recommend necessary additions and improvements.
Telecom and Logistics Associates SARL
10, Rue des Savoises CH-1205 Geneva Phone & fax +41 22 328 14 88
E-mail: calt@tla.ch http://www.tla.ch
Network Vulnerability Scan
Telecom and Logistics Associates will employ automated tools to probe the customer's internal network for security vulnerabilities, known software bugs, configuration problems, and unnecessary services. Network services, access control characteristics and procedures, and system audit characteristics will be reviewed for security ramifications. The consultant will provide a report on the security flaws of networked hosts and devices, and provide recommendations for correcting them.
Internet Connectivity Vulnerability Analysis
Vulnerability analysis provides a careful review of the specific risks your installation faces from outside threats. We use a variety of standard utilities, customized scanners, and exploitation tools to test your Internet connection, firewall and boundary network. After the testing exercise, we will examine audit logs with you, review alarms generated by the test, and offer configuration and procedural recommendations for reducing risk. For maximum benefit, we recommend combining this task with a security survey.
Risk Analysis
For those customers who require formal certification of their data networks, Telecom and Logistics Associates offers a Risk Assessment Service. It includes analysis of network architecture, host configuration, physical environment, and operating procedures, and produces a comprehensive certification evidence package. This package documents:
- System characteristics
- Threats to network information assets
- Vulnerabilities to the specified threats
- Mechanisms and procedures intended to counter threats and reduce vulnerabilities
- Residual risks
- Prioritized recommendations for reducing residual risks
The standard evidence package can be tailored to specifications imposed by corporate management or regulatory institutions to which the customer organization is subject.