PROGRAM OVERVIEW
Finding the right provider and combination of security technology and services can be a daunting task. Managed Security Services have been developed to provide a packaged solution to protect sensitive information and the integrity of the network. The main components of these managed security services are firewall management, intrusion detection, and incident response.

Our Information Security (InfoSec) Management Program was designed to provide the financial institutions we work with a comprehensive solution, applying best practices, addressing the critical factors in preventing, detecting, and responding to attacks.

Firewall Management
Installing a firewall will not in itself keep wanted traffic moving and unauthorized traffic out. It requires ongoing maintenance and administration to function at its potential.

Cornice engineers continually review configuration settings, adjusting for changes in usage patterns and newly discovered attack tactics. We also research, review, and install release updates and patches to keep new vulnerabilities from becoming exploitations. In addition, our trained professionals will review log files on a periodic basis to look for malicious activities that may have occurred in a combination of sources or set of events.

Intrusion Detection Systems (IDS)
Cornice works with host and network-based intrusion detection systems and services, configuring these systems to detect and produce alerts according to your security policies.

We administrate the system and sensors to make any necessary changes, responding to new attack signatures and lessons learned by other security experts.

Passive monitoring of the system occurs 24x7x365 under our program. If and/or when an alarm is sounded, the nature of the event will be determined and an alert will be sent to a Cornice engineer who will respond as is appropriate.

Over time, the sensor will record events locally in a log, which can be used to track trends, correlate data, and generate reports.

Incident Response
As a key member of your Incident Response Team, Cornice will apply its expertise in minimizing any harmful consequences of an intrusion, assist in the reporting and estimating of any damage done, and support any necessary recovery activity.

Throughout all three elements of prevention, detection, and response, our clients count on us to monitor and understand changes in security practices to apply the lessons learned, by us and others, to sustain a high degree of security in their IT environments.

POLICY & DECISION SUPPORT
An integral part of the InfoSec Management Program is being prepared to prevent and respond to both internal and external malicious activities. Understanding how and what to consider in preparing policies can be challenging, requiring resources and time. Cornice has experience designing and developing security policies and incident response plans, taking away the trials and guesswork.

Making the right decisions to acquire secure computing devices, software, and services can also be complex. We have worked with the leading Managed Security Service Providers (MSSPs) and leading technology companies. Our experts understand the features of each and can assist you in deciding what solution best meets your needs. Further, Cornice is capable of installing, configuring, and in some cases, working with these technologies and MSSPs.

ENGAGEMENTS
Our InfoSec Management Program was designed to assist our clients on a constant and ongoing basis. Most of our clients engage us on an annual basis to perform these services as required. Although we strongly recommend a complete solution by utilizing both a firewall and an intrusion detection system, we do offer a Program that excludes IDS.

A combination of the InfoSec Management Program with our Desktop, Server, and Network Device Management Programs will provide a comprehensive security program. This combination will add release updates, patch management services and anti-virus management services for all of the devices on your network.

Download Printer-Friendly Version