Effective information security involves using an integrated approach combining both organizational and technical security measures.
JSC «DialogueScience» offers wide-ranging consulting services in development, deployment and support of integrated information security systems. All services are grouped into a single cycle and include the following main categories:
• Technical support of the security systems
• Administration of security tools
• Outsourcing of security functions
• Security system management under a Service Level Agreement
• Secure Mail service
• Software and hardware deliveries
• Software and hardware installation and configuration
• Security system testing
• Personnel training
• Penetration testing
• ISO 27001 and ISO 27002 compliance assessment
• Automated security scan
• Assessment of compliance with Bank of Russia requirements
• Security risk assessment and analysis
• Audit to detect confidential data leaks onto the Internet
• Assessment of compliance with the requirements of the Federal Law On Personal Data
• Development of a technical requirements for the security systems
• Design of an integrated information security systems
• Development of user manuals
• Development of an information security management systems compliant with ISO 27001
• Development of the information security policies
• Creation of technical policies
• Development of a business continuity policies
• Creation of information security procedures and instructions
Phase one (AUDIT) of the services cycle involves an information security audit to analyze how secure the client is against external and internal threats. Analysis data are used to develop the security policies (phase two, SECURITY POLICY) and a number of auxiliary regulations that formalize the information security processes at the organization. If the client already has a security policy in place, it is upgraded to meet the modern requirements and the currently relevant model of security threats.
Phase three (DESIGN) involves designing an integrated information security system. At the design stage, specific solutions are chosen to protect information resources. This phase may also involve developing an information security management system compliant with ISO 27001:2005.
Phase four (DEPLOYMENT) involves installing and configuring security tools included in the integrated information security system. This phase may also include personnel training.
Phase five (SUPPORT) involves technical support of the information security system.
JSC «DialogueScience» provides these services either jointly or separately depending on the client’s needs. This differentiated approach enables a phased implementation of the full range of organizational and technical security measures, allowing the client to effectively distribute costs and human resources across the project timeline.
Highly-skilled JSC «DialogueScience» consultants will offer the most convenient format and the optimum selection of services to match the individual specifics of the client company, taking into account the economic feasibility of the project.