|
Threat/Risk Assessments (Monthly, Quarterly and Annual)
Penetration Assessment - Plannet’s highly skilled security team will take a non-destructive hacker's-view of our customer’s environment, looking for vulnerabilities from both inside and/or outside of their business, using the same tools and techniques that a potentially malicious intruder would use. We then provide a detailed, confidential report outlining the vulnerabilities found, along with recommended counter-measures. Prior to testing we review the plan with our customer to make known any possible risks and address any concerns.
Technical Risk Assessment
Our consultants assist our customers in determining which security controls are appropriate and cost effective. This process is quite often a complex and subjective matter thus the prime function of security risk analysis is to put this process onto a more objective basis. Quantitative Risk Analysis employs two fundamental elements; the probability of an event occurring and the likely loss should it occur. Qualitative risk analysis methodologies make use of a number of interrelated elements such as threats, vulnerabilities and controls. The objective is to make the decision of where to spend security-related resources easier.
Security Architecture Design and Review
Plannet’s main focus area is of course information security. We specialize in securing applications, networks and systems but what really defines our innovation is how our architecture services integrate each of these key areas. Typically in today’s corporate environments there is no ‘enterprise’ architecture or global design. Instead, what we find are microcosms of design within various departments that are not shared with others. This is counter-intuitive to our philosophy. To combat this, Plannet’s services include network security architecture design, system hardening, intrusion detection system (IDS) design, as well as solutions deployment strategies and design. The security design services we offer affords our clients the ability to construct a well-conceived posture with the highest degree of visibility and with regard to defending against an increasing range of network security threats and application vulnerabilities.
Compliancy Audits
It is critical today to ensure that firm's adhere to the strict compliancy laws stated in their particular market segment. The unfortunate events with Enron and Adelphia prove that without some standard accountability and third party oversight, you introduce risk. The recent Sarbanes-Oxley Act in particular was created to thwart practices and processes not consistent with industry standards. Such acts now are granted teeth in which to penalize those firms not in compliance. Heavy fines and/or suspensions are typical penalties and can be assessed at any time. Plannet offers its compliancy audit services to ensure firms stay within their required industry compliancy laws such as the following:
 Sarbanes-Oxley
GLBA
HIPAA
CoBit
We also offer a complete line of technical security services that can be billed fixed cost or hourly depending on your needs. Plannet offers the following security services for its customers.
Assessment Services
Infrastructure Security Assessment
(includes OS & Network Vulnerabilities)
Web Application Security Assessment
Database Security Assessment
(Oracle & SQL Server Only)
Architecture Services
Infrastructure Architecture Design
(includes OS & Network Vulnerabilities)
Physical Architecture Design
(Server Rooms & Secure Physical Resources)
Internet/DMZ Architecture Design
Web Application Architecture Design
Implementation Services
Infrastructure Implementation
(includes Routers, Switches, Servers, and Operating Systems)
Internet/DMZ Implementation
(includes Web Servers, Firewalls, & Security Devices)
Web Application Coding / Implementation Security Services and Patch Management
Software Maintenance Services – Mission Control/Axiom/STIC
Quarterly Re-Evaluation of Architectures
Maintenance of all Implemented Applications, Systems, & Design
|
