PCI Compliance Remediation effort |
Project seeks to evaluate security program against the compliance requirements for the Payment Card Industry (PCI) requirements for all credit card transactions. |
Wireless Inventory - High Risk Remediation |
Project seeks to inventory and document all wireless networks throughout the organization. |
Enhanced Administrator Password Policy, Awareness and Training |
Project seeks to inventory and document all server and service accounts across the organization. |
Self-Service Password Management in support of the Enhanced User Password policy |
In support of the new 8 character complex passwords, this project seeks to support the enhanced password policy for end-users by providing a consistent and well documented process for resetting and managing multiple IDs across disparate systems. |
System Installation and Hardening Process |
One common finding of vulnerability analysis programs is that the Microsoft Windows NT and Active Directory systems (including web servers) are vulnerable to attack and penetration. This program seeks funding to create installation standards and to compare existing configurations against those standards. |
WEB/Extranet Services |
Program to remediate vulnerabilities identified in the externally facing web applications, which focuses on vulnerabilities existing at the OS, Application Server, and Application Software development areas. |
Firewall Centralization/Management and Auditing |
Project to perform administrative and technical consolidation of existing firewall systems. |
Develop Global Computer Incident Response Program |
Current PCI and SOX standards call for Incident Response programs as a means of limiting exposure and damage due to unauthorized access to systems. Further, ongoing contracts with carriers/internet providers require some form of Incident Response in order to meet contractually obligated security requirements. |
Counter-Hack Preventative Controls |
The project provides preventative controls in support of the general Information Security posture for the organization. Use of Systems integrity tools, log analysis tools as well as any existing intrusion detection devices to provide a strong preventative control environment will dramatically increase security posture and support Incident Response and other critical processes. |
AD Security Tools and Implementation |
Project will implement administrative and technical controls that address security, auditing and reporting gaps in the Active Directory/Microsoft services environment. |
Policy and Procedure System |
Project will implement a policy workflow process and system that provides Policy, Standards and procedures support across executives, audit, operations and risk mitigation organizations. |
Awareness Training Program |
Project will provide a standard training and awareness program for all company employees on an international basis. |
Acquisition Assessments and Remediation |
3rd Party Assessments and Remediation |
Forensic Solutions |
|
|
|