One of the TopGuard Security Company activities is to provide information services for our clients to make effective management decisions.

  • risk assessment
  • business partner assessment
  • competitor analysis
  • business negotiations information services
  • employee background and personal check

1. Information security documentation
Name of the document Description
1 Concept of information security general principles and approaches to company information security system creation
2 Draft Information Security main goals of company information security system creation, all kinds of threats to information system and how to protect it.
3 Regulations on information security department information security department, main goals and responsibilities
4 Instructions and regulations job descriptions, instructions, regulations, including rules for dealing with e-mail, open Internet network, the procedure for choosing a password.
5 Standards for Information Security an annex to the basic set of the documentation for information protection.

2. Conducting security analysis of an information system
Main stages

Measure Description
1 Analysis of the current state of enterprise information system Analysis of operating services and programs, checking the latest software and updates.
2 Services and Software Vulnerability Search a technical audit of security of local area networks and personal computers is carried out.
3 Analysis and classification of possible threats based on discovered vulnerabilities potential threats to information system are identified, and their classification is conducted.
4 Development of recommendations for their elimination Taking into account the results produced, recommendations on the selection and updating software, changing the rules of access control and installation of additional security information means.

3. Selection of solutions for information security
Measure Description
1 Firewall to provide safe access to company information resources and protection against unauthorized access from the Internet.
2 attacks detection systems to identify suspicious activity, unauthorized access and rapid response.
3 Anti-virus protection to protect against virus attacks when using public networks, from viruses to a local area network to an external storage media.
4 monitoring and filtering email messages to address filtering mass mailing of promotional messages and leakage of confidential information.
5 Virtual Private Network (VPN) to protect information in open communication channels between the company network and subsidiaries or mobile workers.
6 Storage and destruction of confidential information protection and emergency destruction of sensitive information stored and processed on personal computers in the local network.
7 Means of protection from unauthorized access to eliminate unauthorized access to computer resources and demarcation of user rights (using biometrics and other identification systems, and the ability to integrate with access control to the premises).
8 System backup information for the possibility of recovery in case of loss of power surges, failure of the storage medium, natural disasters, etc.
9 Centralized management and control of security for ease of configuration, administration and operational control of all the components installed information protection system.

4. Implementation of information security systems.
Installing and configuring of individual means of protection of information with the possibility of combining them into a single system. With the development of the information system, modernization of the system of protection of information aimed at the reflection of the new types of threats is carried out.