IT System Security Audit
NEED (The Customer problem/need resolved with this solution)
IT systems are fairly complex, composed of a few interconnected units commonly maintained by different in-house people or departments, but very frequently there are external companies hired to maintain some parts of the system, like the network and applications. The staff then spend more office hours on system maintenance and troubleshooting and less on the introduction of new functions. The company IT staff do not have enough time or specialist know-how to cover all areas. Security is a particularly complex area for different reasons: it requires good knowledge of a variety of technological areas, regular tracking of newly discovered weaknesses, new attack and protection methodology, and a different, lateral way of thinking to repair the damage.
For the above listed reasons, the system design and device configuration may suffer from malfunctions and inconsistencies, resulting in system vulnerability to unexpected situations. The Customer then has a need for someone who would be impartial and inspect device configurations with an emphasis on security and provide their opinion of the current configuration and recommendations for its repair. Likewise, if a Customer is planning more complex system modifications, it is good to ask for another, independent opinion concerning these modifications and their impact on the current system and its security.
SOLUTION (What does the solution offer?)
RECRO team of experts inspects device configuration or the segment of the system the Customer needs an audit for within the established deadlines. This activity will result in a written report which includes the security audit and repair recommendations. In addition to the report in writing, the Customer will also receive two presentations, one presentation with general security audit for the Board Members and a detailed technical presentation for the repair team. This independent audit should be carried out minimum once a year, i.e. prior and subsequent to any severe IT interventions.
BENEFIT (What benefits does the Customer obtain from this solution?)
Cost reduction, as it is not necessary to have specialist in-house staff. Prevention, which implies avoidance of unexpected direct costs, and indirect troubleshooting and repair costs. The Customer benefits from project activities that provide fixed costs, deadlines and clear and accurate project results. The project activities can also be custom-made. It is also important to obtain independent opinion, unaffected by in-house relationships, selling demands or security repair difficulties.
OUR ADVANTAGES (Why to use our solution?)
RECRO has a large number of permanently employed specialists for a variety of different areas, who can cover virtually any configuration the Customers might have in their possession. There are 4 persons in charge of security. The majority of our specialists are holders of world recognized Certificates, e.g. RECRO employs 10 CCIE certified network specialists, which exceeds the number in any other company worldwide. Our specialists undertake trainings on regular basis and follow latest trends, have practical training experience, troubleshooting experience with Customers with regular maintenance agreements and have participated in projects with a variety of Customers.
REQUIREMENTS (What requirements should the Customer fulfill?)
A confidentiality agreement. A complete access to configurations and all device data included in the security audit.
PRODUCTS AND SERVICES (What products and services does the solution require and contain?)
- System security audit,
- System report development,
- Presentations for the Board Members,
- Presentations for the technical staff