IT & information system Security
As the computer age continues to develop and accelerate, more sensitive and critical information is stored in computers and electronic information systems.
Although information and data are among an organization’s most valuable assets, they areoften seriously vulnerable to misuse and theft. Security Logic employs the world’s most leading information systems security experts to assist our clients in safeguarding their information.
Penetration Tests examine the potential damage which internet websites and intranet information systems may incur. Penetration tests constitute a process whereby an organization's information security status is reviewed from the hacker's perspective.
An actual attempt is made to intentionally penetrate the company's information system in order to detect weaknesses. It is exceedingly important to conduct periodical immunity tests for organizations possessing sensitive information and databases in order to assess a potential perpetrator's capacity to cause image or financial damage to the organization.
There are two main types of penetration tests:
Application PT & Infrastructural PT
These tests are implemented according to the IT security objectives which the organization wishes to achieve, both in the technical domain and in terms of compliance to various standards and regulations such as: ISO 27001, PCI-DSS and more.
Cyber Security protects digital information systems from theft, loss, corruption and attack.Secure Communications Systems allow un-interrupted and untapped voice and data transmission within energy facilities and with operations in the field.
Security services include:
• Risk and exposure survey of information security, physical security and operational risks.
• Writing policy for organization management, regarding information and physical security.
• Organizational information security plan design and construction.
• Writing procedures for information and physical security.
• Planning and applying profiles on ERP systems in a secure manner.
• Planning training system and increased awareness.
• Preparing the organization for standard requirements: British information security standard BS7799 or other.
•International Standards (e.g. Bank supervisor's instruction or instruction by insurance company
• Writing backup, rehabilitation and Disaster Recovery Plans (DRP) and Business Continuity Plans supervisor (BCP).
• Hardening tests and CPT tests.
• Implementation of security mechanisms in operating and communication systems - hardening.
• Assistance in rule application e.g.: digital signature and privacy protection - database registration.
• Suitability of information security products to the organization.
• Characterization Solutions for secure Internet and e-business.
• Conformity to International standards e.g.: VISA & SOX.
• Implementation of embezzlement and fraud risk survey.
• Characterization, testing and establishing advanced identification means and encryption products.
• Ongoing accompaniment of information and physical security in the organization.
• Training and education on physical and information security.