ISO 17799
The ISO 17799 standard is a comprehensive set of controls comprising best practices in information security. It comprises two parts: (1) a code of practice and (2) a specification for an information security management system. They encompass the following:
- Install and maintain a working firewall to protect data
- Keep security patches up-to-date
- Protect stored data
- Encrypt data sent across public networks
- Use and regularly update anti-virus software
- Restrict access by "need to know"
- Assign unique ID to each person with computer access
- Don't use vendor-supplied defaults for passwords and security parameters
- Track all access to data by unique ID
- Regularly test security systems and processes
- Implement and maintain an information security policy
- Restrict physical access to data
How Symtrex Assists
Symtrex's security audit methodology will provide the information required to meet corporate security standards and address regulatory act compliance. Through a detailed security forensic data analysis, Symtrex will provide a comprehensive report of activity and events on the systems/servers being monitored.
Once our detailed audit analysis is complete, Symtrex will provide recommendations based on our findings and will, if desired, implement them and arrange for a post-implementation audit.
Contact us today to receive more information.