IT & Information Services
One of the activities of TopGuard Security Company is to provide information services to clients to take effective management decisions.
Providing information - analytical materials
- The study of business partners, competitors:
the collection of information for business negotiations and to identify creditworthy or unreliable business partners, assessment of credit and other risks when entering into contracts;
- Study of staff:
identification of biographical and describing the identity data to obtain objective advice from former places of work, identification of psychological characteristics of the candidate, comprehensive check of staff loyalty and reliability.
Information and computer security
|№||Name of the document||Description|
|1||The concept of an information security||general principles and approaches to company-specific information security.|
|2||Draft Information Security||aims and objectives of constructing a system of information protection, species typical of threats to information system and how to prevent them.|
|3||Regulations on the IT Security Department||tasks and functions of the department responsible for organizing and coordinating the work of comprehensive data protection, monitoring and evaluation of the effectiveness of measures taken to ensure information security organization.|
|4||Methodological documents||instructions, regulations, including rules for dealing with e-mail, open Internet network, the procedure for choosing a password, as well - job descriptions.|
|5||Standards for Information Security||serve as an annex to the basic set of organizational - administrative documentation for information protection.|
2. Conducting security analysis of an information system
|1||Analysis of the current state of enterprise information system||Analysis of operating services and programs, checking the latest software and updates.|
|2||Services and Software Vulnerability Search||a technical audit of security of local area networks and personal computers is carried out.|
|3||Analysis and classification of possible threats||based on discovered vulnerabilities potential threats to information system are identified, and their classification is conducted.|
|4||Development of recommendations for their elimination||Taking into account the results produced, recommendations on the selection and updating software, changing the rules of access control and installation of additional security information means.|
3. Selection of solutions for information security
|1||Firewall||to provide safe access to company information resources and protection against unauthorized access from the Internet.|
|2||attacks detection systems||to identify suspicious activity, unauthorized access and rapid response.|
|3||Anti-virus protection||to protect against virus attacks when using public networks, from viruses to a local area network to an external storage media.|
|4||monitoring and filtering email messages||to address filtering mass mailing of promotional messages and leakage of confidential information.|
|5||Virtual Private Network (VPN)||to protect information in open communication channels between the company network and subsidiaries or mobile workers.|
|6||Storage and destruction of confidential information||protection and emergency destruction of sensitive information stored and processed on personal computers in the local network.|
|7||Means of protection from unauthorized access||to eliminate unauthorized access to computer resources and demarcation of user rights (using biometrics and other identification systems, and the ability to integrate with access control to the premises).|
|8||System backup information||for the possibility of recovery in case of loss of power surges, failure of the storage medium, natural disasters, etc.|
|9||Centralized management and control of security||for ease of configuration, administration and operational control of all the components installed information protection system.|
4. Implementation of information security systems.
Installing and configuring of individual means of protection of information with the possibility of combining them into a single system. With the development of the information system, modernization of the system of protection of information aimed at the reflection of the new types of threats is carried out.