Hagios Consulting - Information Security Services

Security is a key business enabler, making better-informed decisions possible. Authentication and access strategies for users are critical for growing the busienss. A good security strategy should enable business personnel to perform their duties and customers to interact with the business with confidence. Security architecture can help integrate IT functions to ensure that consistent practice and coherent approaches are applied across the enterprise to maximise sucurity and control.

Organisations must implement a multifaceted information security portfolio to fulfill regulatory compliance criteria.

A security standard consists of a few elements that help make it complete or cover almost all bases of an implemetation.

Administration - All critical information assets should be patched (and on a regular basis where appropriate) to eliminate known vulnerabilities. Security requirements should be incorporated into the implementation process. This aspect of security standards covers target configuration, access to targets, and their classification. Click here for more.
Detection - All changes to sensitive data should be logged to provide the ability to answer audit questions should a need arise such as “who changed what data?” and “when was it changed?” Auditing and monitoring offer compensating controls when preventive measures are not enabled. In addition, vulnerability assessment reports gaps in implementation, such as weak passwords or excessive access privileges. Click here for more.
Prevention - This component of security focuses on preventing unauthorized access and protecting against attacks. Prevention should be our top priority. Although monitoring is essential to track data access, it does not prevent unauthorized access and stealing of information. It covers things such as firewalls, network traffic encryption and data masking among other things. Click here for more.