ISIT enables companies to build an Information Security framework based on its business objectives. Our delivery model maps policies to business objectives of the company and implements controls based on identified and accepted risks.
The final objective is to give CIOs, CISOs and Risk Managers, the visibility into their information security strategy and its effectiveness across the company. This is achieved through dash boards and evidence repository of status of policy and controls deployed across the company.
ISIT delivers this framework through a set of services which include one or more of the following elements:
- Consultancy: Security Architecture Design Review, Vulnerability Assessment, Penetration Testing, Security Policy Creation and Publication, ISMS Gap Analysis and Readiness
- Product Technologies: Best of the Breed and purpose built information security solutions
- Implementation and Support: Solution implementation, project management, on-site support and maintenance
- Training: Administrative level training on security solutions, security awareness programs
ISIT Information Security technology solutions
As an element of ISIT Information Security Framework delivery, ISIT offers the following technologies from Best of the Breed technology vendors.
|
 Intrusion Prevention Systems (IPS)
IPS protection at the Internet gateway and server farms in the Data Center. IPS with throughput supporting 10Gbps and above for demanding server farms.
|
Virtual Systems Security
For VMWare environments - This technology enables you to implement host security in a virtual environment. The host security automatically moves with the application from one virtual machine to another across the enterprise networks independent of its physical location.
|
Network Access Control
This technology enables you to implement Network Access Control policy without the need for making any changes/reconfiguration to the switching infrastructure. Stop any unknown or rogue hosts from connecting to the network including remote branches. Identify and Remediate end points that do not meet Common Vulnerability Exposure (CVE) exploits which is the basis for most of the attacks originating from the end points.
|
Security Information Management
Log and co-relate security events in real time across the enterprise network from various devices/hosts and manage Life Cycle of an Incident automatically.
|
Encryption
Encryption of data at Rest, Motion and Use that includes storage and mobile devices.
|
Privilege Access Control
Automatically Control, Monitor and Record privilege access activity of systems by internal administrators or external suppliers over LAN and WAN links of corporate infrastructure.
|
Database Security
Monitor database transactions in real time for any rogue or unauthorized access.
|
Document/message Classification
Automatically enforce document and message classification/labeling policy at the end point and reduce loss of confidentiality knowingly or un-knowingly.
|
Data Loss Prevention
Identify, monitor all information exit points and prevent loss of confidential information across the corporate information infrastructure including portable/mobile devices.
|
Risk Register
Centrally manageable, simple and easy tool to Capture, monitor and track any type of risks (IT, Operational etc) by respective owners.
|
IT Governance, Risk and Compliance
Reduce cost of IT Risk and Compliance management. Manage technical and administrative controls mapped to internal or external mandates, policies and business objectives. |
Security