IT & Information Services
2019-02-05T10:23:51Security services
Security agency (company) TopGuard

IT & Information Services

One of the TopGuard Security Company activities is to provide information services for our clients to make effective management decisions.

  • risk assessment
  • business partner assessment
  • competitor analysis
  • business negotiations information services
  • employee background and personal check

1. Information security documentation

Name of the documentDescription
1Concept of information securityGeneral principles and approaches to company information security system creation
2Draft Information SecurityMain goals of company information security system creation, all kinds of threats to information system and how to protect it.
3Regulations on information security departmentInformation security department, main goals and responsibilities
4Instructions and regulationsJob descriptions, instructions, regulations, including rules for dealing with e-mail, open Internet network, the procedure for choosing a password.
5Standards for Information SecurityAn annex to the basic set of the documentation for information protection.

2. Conducting security analysis of an information system. Main stages

MeasureDescription
1Analysis of the current state of enterprise information systemAnalysis of operating services and programs, checking the latest software and updates.
2Services and Software Vulnerability SearchA technical audit of security of local area networks and personal computers is carried out.
3Analysis and classification of possible threatsBased on discovered vulnerabilities potential threats to information system are identified, and their classification is conducted.
4Development of recommendations for their eliminationTaking into account the results produced, recommendations on the selection and updating software, changing the rules of access control and installation of additional security information means.

3. Selection of solutions for information security

MeasureDescription
1FirewallTo provide safe access to company information resources and protection against unauthorized access from the Internet.
2Attacks detection systemsTo identify suspicious activity, unauthorized access and rapid response.
3Anti-virus protectionTo protect against virus attacks when using public networks, from viruses to a local area network to an external storage media.
4Monitoring and filtering email messagesTo address filtering mass mailing of promotional messages and leakage of confidential information.
5Virtual Private Network (VPN)To protect information in open communication channels between the company network and subsidiaries or mobile workers.
6Storage and destruction of confidential informationProtection and emergency destruction of sensitive information stored and processed on personal computers in the local network.
7Means of protection from unauthorized accessTo eliminate unauthorized access to computer resources and demarcation of user rights (using biometrics and other identification systems, and the ability to integrate with access control to the premises).
8System backup informationFor the possibility of recovery in case of loss of power surges, failure of the storage medium, natural disasters, etc.
9Centralized management and control of securityFor ease of configuration, administration and operational control of all the components installed information protection system.

4. Implementation of information security systems.

Installing and configuring of individual means of protection of information with the possibility of combining them into a single system. With the development of the information system, modernization of the system of protection of information aimed at the reflection of the new types of threats is carried out.