One of the TopGuard Security Company activities is to provide information services for our clients to make effective management decisions.
- risk assessment
- business partner assessment
- competitor analysis
- business negotiations information services
- employee background and personal check
Information and computer security
1. Information security documentation
№ | Name of the document | Description |
---|---|---|
1 | Concept of information security | General principles and approaches to company information security system creation |
2 | Draft Information Security | Main goals of company information security system creation, all kinds of threats to information system and how to protect it. |
3 | Regulations on information security department | Information security department, main goals and responsibilities |
4 | Instructions and regulations | Job descriptions, instructions, regulations, including rules for dealing with e-mail, open Internet network, the procedure for choosing a password. |
5 | Standards for Information Security | An annex to the basic set of the documentation for information protection. |
2. Conducting security analysis of an information system. Main stages
№ | Measure | Description |
---|---|---|
1 | Analysis of the current state of enterprise information system | Analysis of operating services and programs, checking the latest software and updates. |
2 | Services and Software Vulnerability Search | A technical audit of security of local area networks and personal computers is carried out. |
3 | Analysis and classification of possible threats | Based on discovered vulnerabilities potential threats to information system are identified, and their classification is conducted. |
4 | Development of recommendations for their elimination | Taking into account the results produced, recommendations on the selection and updating software, changing the rules of access control and installation of additional security information means. |
3. Selection of solutions for information security
№ | Measure | Description |
---|---|---|
1 | Firewall | To provide safe access to company information resources and protection against unauthorized access from the Internet. |
2 | Attacks detection systems | To identify suspicious activity, unauthorized access and rapid response. |
3 | Anti-virus protection | To protect against virus attacks when using public networks, from viruses to a local area network to an external storage media. |
4 | Monitoring and filtering email messages | To address filtering mass mailing of promotional messages and leakage of confidential information. |
5 | Virtual Private Network (VPN) | To protect information in open communication channels between the company network and subsidiaries or mobile workers. |
6 | Storage and destruction of confidential information | Protection and emergency destruction of sensitive information stored and processed on personal computers in the local network. |
7 | Means of protection from unauthorized access | To eliminate unauthorized access to computer resources and demarcation of user rights (using biometrics and other identification systems, and the ability to integrate with access control to the premises). |
8 | System backup information | For the possibility of recovery in case of loss of power surges, failure of the storage medium, natural disasters, etc. |
9 | Centralized management and control of security | For ease of configuration, administration and operational control of all the components installed information protection system. |
4. Implementation of information security systems.
Installing and configuring of individual means of protection of information with the possibility of combining them into a single system. With the development of the information system, modernization of the system of protection of information aimed at the reflection of the new types of threats is carried out.