Intentional Technology.






We are living in an age where networks and computers are relied upon almost exclusively to store, process, and transmit all varieties of data. Regardless of your industry, it is more than likely that your network is hosting your customers' personal information, intellectual property and trade secrets, or important accounting information. These are just a few examples of computer hosted data that require careful consideration of a network's security.

The three primary goals of information systems security are maintaining confidentiality, integrity, and availability. This means that in addition to keeping data out of the wrong hands, it is also essential to prevent data corruption and avoid unnecessary downtime of essential systems. At Black Sea Systems, it is our goal to apply these principles to every system that we implement and manage.

The first step to determining the security needs of your organization is performing a comprehensive risk assessment. Risk assessment is the process of determining threats and vulnerabilities within your organization and then determining the likelihood and impact of any given risk. This is done using either qualitative or quantitative means; we will determine the appropriate method for your organization. Once it has been determined what risks your company face, a strategy to control each risk can be developed. Our professionals will look at each risk and work with you to determine the appropriate risk control strategy. These strategies include avoidance, transference, mitigation, and acceptance. Once the creation of a risk control strategy is complete, a comprehensive security policy can be created. This policy is the culmination of network security, computer security, and management practices.

Network Security

Network security pertains to the protection of network infrastructure from attack. One of the primary components of network security is known within the industry as perimeter defense. Perimeter defense is the process of defending your network against attack from an external source. Our professionals will employ several hardware and software solutions to ensure that your network perimeter is secure. These solutions include firewalls, intrusion detection systems (IDS), and virtual private networks (VPN). The combination of firewall and IDS, both expertly honed for your environment by our professionals, will prevent and detect attacks. There must also be a way for authorized users to access your network. That is where the VPN comes in; it will allow employees to safely and securely retrieve information while out of the office.

Application specific technical controls are also important for network security. These include web content filtering, e-mail security, and spam filtering. Web content filtering is important to prevent your employees from accessing malicious websites that may contain viruses, and for increasing productivity in the workplace. E-mail security and spam filtering are also important for essentially the same reasons. Viruses are often transmitted via e-mail, and if your employees are less burdened with sorting through spam everyday their productivity will increase.

Computer Security

Computer security is the protection of individual workstations within your organization's network. The primary issue here is protection against malware and viruses. Despite technical controls implemented on the network level to prevent viruses, it is also necessary to protect individual workstations from malicious software. To accomplish this goal, we will implement a centrally managed anti-virus solution that will ensure each and every one of your workstations is protected from the latest threats. Another important element to ensure workstation security is a strong password policy. This can be centrally managed and should require users to change their password several times a year and use a certain degree of complexity.

Management Practices

While technical controls are important, they can only get you so far without good management and training practices. Proper management practices are arguably the most important element of information security within your organization. Up until this point we have focused mostly on protecting against what are known as external threats, in this section we will address internal threats. Internal threats include everything from a disgruntled employee to human error. Arguably the most dangerous threat that any organization faces is a disgruntled employee that knows his/her way around their network. Our professionals will implement controls to prevent such an individual from causing damage through the use of logical access control to invoke the principle of least privilege. This will reduce the risk of an unhappy employee whose grief is unknown by management. Once management is aware of a disgruntled employee his credentials should be immediately revoked. This is an example of the kind of management practices our professionals will recommend for your business.

Compliance

Many different industries are required to maintain certain information security standards by various compliance bodies. Many of the requirements outlined by the various compliance bodies and federal law work in tandem with the principles we have outlined above. Whether you are a healthcare provider that must maintain HIPAA or HITECH compliance or a financial institution that must maintain PCI DSS or Sarbanes-Oxley, we can help your organization meet all requirements and receive full compliance.

If you are interested in securing your network infrastructure, whether for compliance or otherwise, please feel free to contact us.

Overview of various information security solutions deployed and supported by Black Sea Systems in various firms:

Hardware:

  • Barracuda Spam and Virus Firewalls
  • Barracuda Web Filters
  • Cymphonix
  • Cisco Adaptive Security Appliances
  • iBoss Enterprise Web Filter
  • Sonicwall Security Appliances
  • Watchguard Security Appliances
  • Zyxel Zywall USG Security Devices

Software:

  • Edgewave iPrism
  • GFI MailArchiver
  • pfSense
  • SAINTexploit
  • Symantec Backup Exec System Recovery
  • Symantec Endpoint Protection
  • Tenable Nessus
  • Vipre Business Antivirus and Endpoint Security
  • VMware vSphere ESX
  • VMware vSphere ESXi
  • Websense

Black Sea Systems office locations:

Share