The Consulting Practice has developed a suite of solutions that addresses all aspects of an organizations security from a technological perspective.  Our CISSP certified engineers have performed security assessments for all different aspects of IT Security within various industry sectors: Government, Financial, Communications, Manufacturing, Legal and Distribution.

SECURITY*ASSESSMENT

Our Security*Assessment can be the initial step undertaken to tackle the challenges associated with security vulnerabilities.  Our organization follows standard security guidelines to determine what policies/procedures are in place within an organization.   We also conduct interviews and perform analysis to determine the robustness of an organizations infrastructure.  Comprehensive reporting and analysis is produced as a deliverable for our client so that measures can be taken to correct the vulnerabilities that have been uncovered.  Our reporting is developed upon analysis of the following elements as defined by the international ISO/IEC 17799-27000  security standard:

	Security Policy
	Organizational Security
	Asset Classification and Control
	Personnel Security
	Physical and Environmental Security
	Communications and Operations Management
	Access Control
	Systems Development and Maintenance
	Business Continuity Management
	Compliance
	Security Requirements & Risk Management

ETHICAL*PENETRATION*TESTING

Additionally, our Ethical*Penetration*Testing service can be used in conjunction or in parallel with our Security*Assessment service to identify potential external vulnerabilities.  We use tools and techniques in order to attempt to breach an organization's network and uncover vulnerabilities.  This is one of the most important procedures that an organization should perform, as previously unknown network deficiencies and points of access are identified.  Corrective steps can be taken immediately once this analysis is completed.

SECURITY*STRATEGY

Once the exposed elements of an organizations infrastructure are secured, it is appropriate to create or update an organization's security strategy.  Our Security*Strategy solution can be used to address all of an organization's security needs, and encompasses areas that include: Data Networks, Internet Connectivity, Software, Physical Infrastructure, Environmental Security, Disaster Recovery and all Policies and Procedures.

SECURITY*DEVELOPMENT

In order to implement a security strategy, we provide our clientele with our Security*Development solution, which can be used to address all areas of concern as it relates to security policies and procedures.  This offering includes the creation and documentation of all policies and procedures that an organization requires, as a result of the implementation of a security strategy.

SECURITY*IMPLEMENTATION

We provide Security*Implementation services as our organization is familiar with most hardware, software, and networking technology.  Our consultants are CISSP certified and can ensure that all technology is optimally deployed.

MANAGED*SECURITY

On an on-going basis, we provide our clients with a Managed*Security service so that all of the policies and procedures are implemented and updated as per an organizations security strategy.  Some organizations do not have the staff in-house to perform these functions, and we provide this service on a regularly scheduled basis.  Other organizations do have security expertise, but require additional assistance to manage their environments, and rely on us to complement their internal resources.

SECURITY*PROJECT

Organizations might find that they do not enough staff on-board to handle security projects.  This may be due to lack of training, or due to resource availability.  The Consulting Practice is able to provide its clients with a project approach for performing security work, by supplying appropriate resources, and project management skills so that implementations are performed on time and within budget.

 SECURITY*CONSULTANT

An organization may find itself in need of a resource(s) on site to perform security type functions for a specific duration.  Our CISSP certified consultants are able to provide organizations with the expertise they need to handle security related issues.  From Architecture, Design, Implementation, Trouble-Shooting, Maintenance, and Monitoring, our consultants have hands on experience with most security environments and technologies in place today.