Defcon-5 can assist your business in developing and refining it's various security policies.
A security incident handling policy and procedure basically details how your staff should respond to a security incident such as theft, an attack on your website, and other emergency related security issues. Every security incident needs to be handled in it's own way, however most should follow a general set of guidelines (security incident polices, and procedures). A security incident policy will set a standard for what information should be preserved, how to react, and respond to a security incident. Proper security incident handling also allows you to appropriately protect vital information needed to prosecute, find, and arrest the attacker(s). Security incident handling policies and procedures are different from security policies and procedures, which setup a guideline of security for the business.
Defcon-5 can perform an analysis on your security incident handling polices and procedures and make recommendations on how to improve them to maximize their effectiveness. If you don't have a security incident handling policy or procedures we will help you create one that is best for your business.
A security policy specifies the security requirements for computer systems, buildings, and other assets purchased or owned by your business. Having a good solid security policy means you have a excellent baseline for implementing new systems and other equipment into your businesses infrastructure that meet a level of security. Your security policy should be included in all your contracts for purchasing new equipment and software, hence you need to make sure that it is very thorough and exact. By including your security policy as part of your contracts you guarantee that the product you purchase will meet your exact security specifications. This can be a double edged sword, your policy can help you purchase equipment that meets your standard, but you need to keep that standard updated.
Defcon-5 can review your existing security policy, and bring it up to date. We can make suggestions for additions, and if you do not have a security policy we can help you create one. Remember that your security policy is not just for contracts, but for internal use as well. When you have a good security policy that is maintained well you know what kind of security you can expect to have, and so do your customers.
Last Updated: 03/10/2008 02:57 AM