Our BITS Service is an expanded version of
our Basic Vulnerability Assessment Service.
Basic assessments of platforms, operating systems, and standard applications (our Basic Vulnerability Assessment Service).
It is supplemented by security assessments of a business or organization's processes and automation, particularly as associated with front-end point of sale systems, and back-end accounting, customer service, application servers, and database systems.
We also perform advanced security evaluations of custom applications or security products.
We also perform a financial analysis of the different remediation techniques to help you form a strategy that maximizes the value of your IT Investment (see column at right).
Includes the Basic Service. Basic
features provide you with valuable insight into
where your systems are vulnerable to internal
and external attacks. We also recommend where
remediation is most required, and what
improvements would bring "best value for your
capital investment". The Assessment's
purpose is to identify the vulnerabilities to a
company’s information infrastructure as well as
appropriate countermeasures.
We work with your port scanning and
penetration test team. While IT GlobalSecure
can perform these services, we find many
customers already possess scanning tools such as
eEye Retina, and can provide these results
to us. We respond to clients that require
independent and expert review of these results,
done quickly and professionally.
Typical Duration. The typical BITS
assessment is a short-term (3 to 8
week) task. This duration may vary if large custom
or poorly documented applications are in use, or
if the network topology (particularly for
multiple Internet gateways or extranets) is more
complex.
Pricing: This service comes in both
fixed price and hourly-based service models.
Submit a Bid
Request for more information. Pricing is
based on number of IPs, number of customer
applications (optional), and amount of
pre-existing documentation to be reviewed
pertinent to the network topology under
consideration.
Deliverable Results. Our report will
address the common issues usually included in
most assessments: areas of poor password
practices, network configuration problems, and
server configuration problems. It will summarize
security incidents, denial of service attacks,
or misuse of resources via broken passwords. It
will include recommended actions for system and
network administrators, to include addressing
operating system deficiencies, configuration
errors, and network holes. Based on your
requirements, we can evaluate application
interfaces (inter-application,
Internet|Intranet|Extranet gateways, and user
interfaces) to provide information on
misconfigured applications (mail servers, web
servers, proprietary applications and
occasionally database servers). Your Internet
connections will be evaluated for their
potential for hacker/cracker threats. Your
system and network administrator procedures
(such as they exist) will be reviewed against
the perceived threats to your network, and
against your company's or organization's
security policy.
We don't omit the importance of people.
We review the procedures of people, and not just
computers, to ensure we have a complete picture
of the strengths or weaknesses of your operation.
In addition, our financial analyses incorporate
the relative costs of labor, across the
organization, in making procedural change
recommendations.
Support for Custom Applications.
Custom applications and security products often
need an outside security review to ensure their
quality. Advanced business and e-commerce
applications often integrate other distributed
applications - such as financial transaction
processing or point-of-sale systems. Many of
these applications are at the core of the
business model and strategy of the companies
that develop and use them. IT GlobalSecure has
extensive experience with the review of custom
applications that span an entire enterprise. We
can review how the application and its security
are implemented and provide guidance on
improvements.