|
INFORMATION SECURITY MANAGEMENT PROGRAM |
IT
Management Programs
|
||||||||||||||||||||||||||||||||
PROGRAM OVERVIEW Our Information Security (InfoSec) Management Program was designed to provide the financial institutions we work with a comprehensive solution, applying best practices, addressing the critical factors in preventing, detecting, and responding to attacks. Firewall
Management Cornice engineers continually review configuration settings, adjusting for changes in usage patterns and newly discovered attack tactics. We also research, review, and install release updates and patches to keep new vulnerabilities from becoming exploitations. In addition, our trained professionals will review log files on a periodic basis to look for malicious activities that may have occurred in a combination of sources or set of events. Intrusion
Detection Systems (IDS) We administrate the system and sensors to make any necessary changes, responding to new attack signatures and lessons learned by other security experts. Passive monitoring of the system occurs 24x7x365 under our program. If and/or when an alarm is sounded, the nature of the event will be determined and an alert will be sent to a Cornice engineer who will respond as is appropriate. Over time, the sensor will record events locally in a log, which can be used to track trends, correlate data, and generate reports. Incident
Response Throughout all three elements of prevention, detection, and response, our clients count on us to monitor and understand changes in security practices to apply the lessons learned, by us and others, to sustain a high degree of security in their IT environments. POLICY
& DECISION SUPPORT Making the right decisions to acquire secure computing devices, software, and services can also be complex. We have worked with the leading Managed Security Service Providers (MSSPs) and leading technology companies. Our experts understand the features of each and can assist you in deciding what solution best meets your needs. Further, Cornice is capable of installing, configuring, and in some cases, working with these technologies and MSSPs. ENGAGEMENTS
A combination of the InfoSec Management Program with our Desktop, Server, and Network Device Management Programs will provide a comprehensive security program. This combination will add release updates, patch management services and anti-virus management services for all of the devices on your network. |
|