Single Point of Contact Security Services
Single Point of Contact understands that computer, information, and physical security are becoming more important at an exponential rate in light of the continuing increase in computer-related crimes. Over the last few years the necessity for computer and information security has grown rapidly as web sites have been defaced, Denial-of-Service attacks have increased, credit card information has been stolen, publicly available hacking tools have become more sophisticated, and today’s viruses and worms cause more damage than ever before.
Do You Have These Challenges?
- IT department security management goals are not aligned with your company’s overall goals
- Your security strategy is not sufficiently dynamic to keep pace with the rate of organizational and technical change
- Security is viewed by your company as overhead rather than an organizational investment
- You have a technology-centric approach to security vs. a mission-centric (or strategy-driven) approach
- Computer and information security is seen only as an IT responsibility by other departments as well as your executives
Our Solution
Single Point of Contact uses a top-down approach to security. We understand that in order for a security program to be effective, the initiation, support, and direction should come from the top management of your business. This ensures that overall security requirements, goals, and assurance level expectations are understood within your business. We use the following controls to achieve management’s security directives:
- Administrative Controls: These include the developing and publishing of policies, standards, procedures, and guidelines, risk management, the screening of personnel, conducting security awareness training, and implementing change control procedures.
- Technical Controls (logical controls): These consist of implementing and maintaining access control mechanisms, password and resource management, identification and authentication methods, security devices, and the configuration of infrastructure.
- Physical Controls: These entail the controlling of individual access into your facility and various departments, locking systems and removing unnecessary floppy or CD-ROM drives, protecting the perimeter of the facility, monitoring for intrusion, and environmental controls.
Single Point of Contact’s security solutions are based on the following items:
Why Choose Single Point of Contact?
Experience
We have some of the smartest network security professionals in the industry who hold certifications such as CISA, CISM, CISSP, and SSCP.
Compliance
Our breadth of services and industry-leading flexibility enable us to provide you with just the right solution to meet the requirements of your industry or a particular security challenge, including: GLBA/FFIEC - Banking/Credit Union, HIPAA - Healthcare, NERC/CIP - Utility, PCI - Retail, Financial, Insurance, SOX - Sarbanes Oxley.
Risk Mitigation and Cost Reduction
Our Security Services improve network reliability, mitigate risk, reduce the overall cost of managing network security, and provide an attractive alternative to resource- and capital-intensive in-house network security support.
Solution Details
Approach
Without setting up a life cycle approach to a security program, an organization is doomed to treat security as merely another project. Single Point of Contact has a comprehensive and effective security program life cycle approach with the following phases and components to ensure ongoing flexibility to meet the changing needs of your business.
Plan and Organize
- Establish management’s commitment
- Establish an oversight steering committee
- Assess your business drivers
- Create a threat profile of your organization
- Execute a risk assessment
- Develop appropriate security architectures at an organizational, application, network, and component level
- Identify solutions for each architecture level
- Obtain management approval to move forward
Implement
- Assign roles and responsibilities
- Develop and implement security policies, procedures, standards, baselines, and guidelines
- Identify sensitive data at rest and in transit
- Implement the following blueprints:
  - Asset identification and management
  - Risk management
  - Vulnerability management
  - Compliance
  - Identity management and access control
  - Change control
  - Software development life cycle
  - Disaster recovery and business continuity planning
  - Awareness and training
  - Physical security
  - Incident response
- Implement the appropriate and cost-effective solutions (administrative, technical, physical) for each blueprint
- Develop auditing and monitoring solutions per blueprint
- Establish goals, service level agreements (SLAs), and metrics for each blueprint
Operate and Maintain
- Follow procedures to ensure all baselines are met in each implemented blueprint
- Execute internal and external audits at an agreed-upon interval
- Execute tasks outlined for each blueprint
- Manage service level agreements for each blueprint
Monitor and Evaluate
- Review logs, audit results, collected metric values, and SLAs for each blueprint
- Assess goal accomplishments for each blueprint
- Conduct quarterly meetings with steering committees
- Develop improvement steps and integrate into the Plan and Organize phase
Security Best Practices
Single Point of Contact security solutions are based on ISO/IEC 27002:2005 Information technology - Security techniques - Code of practice for information security management (aka ISO/IEC 17799:2005).
Benchmarking
Single Point of Contact uses several tools to benchmark how secure your environment is and determine technology vulnerabilities. Some of the tools we use include:
Auditing
Single Point of Contact offers a comprehensive computer security audit program which includes manual and automated technical assessments of your systems and applications. Manual assessments include interviewing staff, performing security vulnerability scans, reviewing application and operating system access controls, and analyzing physical access to the systems. Automated assessments include system generated audit reports or using software to monitor and report changes to files and settings on a system. Systems may include personal computers, servers, mainframes, network routers, and switches. Applications may include Web Services, SQL and Oracle Databases. We also offer Penetration Testing services using tools such as GFI LANguard, Microsoft Baseline Security Analyzer, and Nessus.
Countermeasure Technology Expertise
Single Point of Contact knows that applying the right countermeasure can eliminate a vulnerability and exposure, and thus reduce the risk to your business. We have the experience you need in technology-based countermeasures such as:
- Anti SPAM / Spyware / Virus (McAfee, Trend Micro, Symantec)
- Intrusion Detection Systems (Cisco, Snort)
- IDS/IPS
- IPSec
- Network Address Translation (NAT)
- Network Device Hardening (Firewalls, Switches, Routers, Wireless)
- PKI
- Security Appliances (CheckPoint, Cisco, SonicWall)
- Server Hardening
- SSL
Managed Security Services
Single Point of Contact can help you maximize the value of your information and network security investment while minimizing your security risk exposure. Our Managed Security Services (MSS) apply people, processes, technology, and intelligence to help enterprises prevent, detect, and respond to vulnerabilities and threats in real-time.
Find Out More
For more information, contact us.