Download presentation
Presentation is loading. Please wait.
Published byIsaac Hunt Modified over 9 years ago
1
Security Posture Assessment (SPA) Headquarters: Ofisgate Sdn Bhd (610820-A), 2-15 Jalan Jalil Perkasa 13 Aked Esplanad, Bukit Jalil, 57000 Kuala Lumpur, Malaysia Regional Office: Ofisgate (s) Pte Ltd, 205B Thompson Road, Goldhill Centre, Singapore www.ofisgate.com
2
Understand Your Current Security State www.ofisgate.com Understanding your organization’s security state and identifying vulnerabilities is the first step toward protecting the confidentiality, integrity and availability of critical data. It is also an important component for achieving regulatory compliance. Protection of Information Integrity Protection of Information Availability Protection of Information Access Protection of Information Reliability SPA to secure ICT Assets
3
Understand Your Current Security State www.ofisgate.com Your organization may be vulnerable to attack from the outside or the inside if you remain unaware of security issues, simply ignore them or don’t sufficiently manage them. An attack may take down your network or lead to the theft of sensitive data — customer information, employee information or intellectual property. The ensuing loss of public trust or the failure to comply with regulations could result in severe financial repercussions. A major security breach could also cause irrevocable damage to your organization’s reputation. To effectively protect your organization, you first need to evaluate where you stand in relation to industry best practices and regulatory requirements. A gap assessment will help identify the most effective course of action based on your business objectives. IMPACT SOLUTION
4
Understand Your Current Security State www.ofisgate.com A ROADMAP TO A MORE SECURE NETWORK Going much deeper than an ordinary assessment, the Internet Security Systems Information Security Assessment provides a comprehensive evaluation of your information security posture. Based on the globally recognized ISO 17799 standard and industry best practices, the assessment by Ofisgate Sdn Bhd security experts will thoroughly document the results and provide you with specific recommendations for mitigating the identified risks and improving overall security posture
5
Benefits Of the Information Security Assessment www.ofisgate.com Provides a clear understanding of current information security risks Provides a clear understanding of current information security risks Identifies the potential impact of vulnerabilities on your network infrastructure Raises internal awareness of information security risks Enables more informed decision-making and identifies the gaps in organizational security controls, policies and processes Provides a specific, actionable plan to improve overall security posture based on business needs Enables you to proactively address security issues before they are exploited Helps to meet regulatory compliance requirements
6
SPA Scope of Work www.ofisgate.com This document is intended to show and analyze network security issues to the management and technical staff. The audit report outlines: Network AssessmentHost / Server Security AssessmentApplication and Database AssessmentPhysical AssessmentICT Security Policy AssessmentPenetration Test (Internal & External)Reporting / Recommendation / PresentationTransfer of Technology (ToT) & Hands-On Security Training
7
Project Timeline www.ofisgate.com Pre Assessment Assessment Post Assessment Project Handover
8
SPA Project Phase www.ofisgate.com Pre Assessment Project Planning and initiation Customization of assessment procedures Assessment Network Assessment Host/ Server Security Assessment Application and Database Assessment Physical Assessment ICT Security Policy Assessment Penetration Test (Internal & External) Post Assessment Reporting / Recommendation/ Presentation Transfer of Technology (ToT) & Security Hands- On Training
9
Network Design Audit and Network Parameters Evaluation www.ofisgate.com BTM WAN Network Internal Datacenter Network BTM NOC
10
Internal and External Network Devices Assessment www.ofisgate.com 7 Types 1 Firewall 1 Content Filtering / IPS 1 Email Security Gateway 3 Wireless Appliances 3 Routers 1 Core Switch and 2 Access Switches 1 AV Admin Server, 2 AV District Hosts and 4 user PCs Example
11
Host / Server and Desktop Security Assessment www.ofisgate.com Example 2x Branches User DMZ Server Farm HQ User
12
Application and Database Security Assessment www.ofisgate.com Example One (1) PortalFive (5) Web Applications Two (2) My SQL DatabaseTwo (2) Oracle Database
13
Operating System & Configuration Management www.ofisgate.com Example 10 Windows Hosts 5 Linux Hosts 3 HQ Users 3 District Users 21 Hosts
14
Physical and Environment Security Audit www.ofisgate.com One (1) Customer a Datacenter One (1) NOC Example
15
ICT Security Policy Assessment / Review www.ofisgate.com One (1) Customer A ICT Security Policy Example
16
Internal Penetration Test www.ofisgate.com Server Farm DMZ HQ User2x District User Example
17
External Penetration Test www.ofisgate.com Example 9 Hosts One(1) Email One (1) Agency Portal Seven(7) Web Applications
18
Report Presentation www.ofisgate.com Example Six (6) Reports Including (1) Executive Summary Report Report Presentation
19
Security Awareness www.ofisgate.com One (1) Security Awareness Session
20
Training www.ofisgate.com Three (3) Network Security Hands-On Training
21
Tools www.ofisgate.com Nikto2 MATASANO Flint Firewall Checker
22
www.ofisgate.com e: sales_enquiries@ofisgate.com For contact information: OFISGATE SDN BHD (610820-A) 2-15, Jalan Jalil Perkasa 13, Aked Esplanad, Bukit Jalil, 57000 Kuala Lumpur, MALAYSIA. Tel: +603 8994 0778 Fax: +603 8994 0779 For enquiries about our products, services or to schedule a sales presentation:
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.