Sharper Technology Professional Security Services
Protecting business-critical assets and information has been elevated to a Board-Level priority. Business and Government have focused extraordinary resources on defending against security breaches. Fortune 500 companies, government agencies, small and medium businesses, state and local government and even individuals are at risk. Yesterday’s defenses can’t hold off today’s concentrated attacks. Sharper Technology works with the premier vendors in the field to bring you the latest solutions to secure your environment.
New guidelines and legislation (HIPPA, Gramm-Leach-Bliley, Sarbanes Oxley, etc.) have placed additional legal and reporting responsibilities on the IT organization. Every organization is required to provide proof that they have acted responsibly and may be held legally accountable (criminal, civil and or Regulatory) for damages and loss should a breach of security arise. Further, without proof of , individual Corporate Officers can be personally responsible. Due Care is the process of assessing and evaluating the information security risks the company faces, and then taking the appropriate steps to mitigate, accept, reject or transfer those risks. Exacerbating these issues is the fact that there is a severe shortage of qualified, trained and certified engineers available to address the problems.
Sharper Technology provides a way for our customers to buy down risk through the systematic identification and reduction of information security vulnerabilities in policies, procedures, configurations and implementations, while at the same time reducing potential liability issues related to information security compromises. Our Security Services Process (SSP) provides a standardized, highly reliable and proven methodology for developing and implementing appropriate safeguards to protect information assets. Sharper Technology’s Information Security Services augment our customers own Risk Management and IT Security practices in several key areas.
The first step in our Security Services Process is a Security and Compliance Audit. This audit is based upon the Information Assurance Methodology (IAM) developed by the National Security Agency (NSA). There are two sections to this audit. First, Sharper Technology performs a review of the organizations Information Security Policy to verify that it supports the organizations business needs, is in line with industry “Best Practices” and that it supports compliance with state, federal and industry specific regulations ( Examples: HIPAA, California SB 1386, Sarbanes-Oxley section 404 and Gramm-Leach-Bliley). Next, Sharper Technology reviews and analyzes the documented design of the Information Security Architecture (procedures, processes, devices and configurations) to ensure that the designed architecture effectively enforces the organization’s security policy. A Gap analysis is included in each section’s report, with business appropriate recommendations on how to close the gap between the current and desired security postures
The second step in the process is a Security Device Heath Check. This is a hands-on verification of the configuration and maintenance of the actual security devices within the IT infrastructure These devices can include firewalls, VPNs, routers and switches, IDS/IPS devices, encryption appliances as well as content filters and AVs. The Health check serves to verify that the operational configuration correctly implements the intended design, that it is configured according to industry Best Practices, and that the software, firmware and patch levels are current and/or at the most secure revisions.
Next, Sharper Technology provides independent third party Vulnerability Assessments. Vulnerability testing identifies and comprehensively scans networked systems to detect security weaknesses. Vulnerability assessments can be external (Internet facing), internal (LAN-based) or custom (targeted to meet the specific requirements of your environment). A vulnerability assessment will also include recommended remediation steps.
Lastly, Sharper Technology provides independent third party Penetration Testing. A Penetration Test provides not only a functional level verification of the security architecture, but also tests your organizations incident response capabilities.
Combined or separately, the above tests serve to document the Due Care and Due Diligence of your Executive Staff in the area of Information Assurance and Security should an information security breach ever occur.
Sharper Technology People: Trusted Security Advisors
Sharper Technology has a 10+ year track record of successful threat mitigation services and providing world-class security products to our customers. Our team of security professionals are certified CISSP (Certified Information Systems Security Professional). They are trained and seasoned security engineers experienced in designing and implementing a layered security approach customized for each customers needs.
Phone: +1 (650) 964-4600