Infrastructure Security

        Is your network "secure-by-design, or are security features added on an 
        ad hoc basis?

        Are your existing technology controls sufficient to secure your data?

        Are you presently upgrading your network, and planning to implement new
        security technologies?

Your organization’s network infrastructure provides the functional support for secure business operations – how can you effectively use it to create a competitive advantage?

Digital Defence will assess your network infrastructure, or specific components, using a methodology based on the International standard ISO 27001:2005, or the Sherwood Applied Business Security Architecture (SABSA). The primary characteristic of the SABSA model is that it is risk-driven, and all aspects of the analysis are directly derived from an assessment of business requirements.

We provide an objective assessment of the effectiveness of your network's technology, people and processes, and how they impact your organization's data security. Our goal is to ensure that the most appropriate controls are implemented - your business strategy is fully supported, security and manageability are enhanced, and complexity and cost are reduced.

Digital Defence can assess the security of multiple architectures, including:

• Wired networks (WAN, LAN)
• Wireless networks (WAN, LAN, Bluetooth)
• Virtualized environments, including “cloud computing” platforms 
• Remote access technologies
• Network and security devices, including firewalls, VPNs, IPS/IDS
• Voice over IP (VoIP) networks, PBX, and related telecommunications devices

Service Description

During the infrastructure security assessment, Digital Defence will:

• Assess strategic, security and network documentation
• Review the existing architecture
• Conduct a data flow analysis to identify where data enters and leaves the controlled network, including connectiions to third parties, backup locations, DRP/BCP sites; review separation of production and test data 
• Conduct a technology review, including the existing network topology, access controls, authentication mechanisms, and network administration and maintenance; this review will include relevant people and processes 
• Review physical and logical security controls for servers, workstations and mobile devices
• Assess security log and event management systems; ensure auditability 

Digital Defence can provide additional services to improve the security of your technical infrastructure, including:

• Assistance in product testing and selection; clients can test devices under realistic conditions in our Trial and Evaluation lab 
• Installation and configuration services, including pre-staging 
• Hardening of network equipment, servers, and workstations, including creation of a Common Operating Environment to facilitate rapid roll-out of secure netowrk configurations and system builds
• Centrally managed and auditable vulnerability and patch management 
• Vendor-specific security device training