Ofisgate CorporateSecurity Posture Assessment(SPA)
Headquarters:Ofisgate Sdn Bhd (610820-A), 2-15 Jalan Jalil Perkasa 13Aked Esplanad, Bukit Jalil, 57000 Kuala Lumpur, Malaysia
Regional Office:Ofisgate (s) Pte Ltd, 205B Thompson Road,Goldhill Centre, Singapore
L e a d i n g I C T s o l u t i o n c o m p a n y
www.ofisgate.com
Understand Your Current Security State
www.ofisgate.com
Understanding your organization’s security state and identifying vulnerabilities is the first step toward protecting the confidentiality ,
integrity and availability of critical data. It is also an important component for achieving regulatory compliance.
Protection of Information
Integrity
Protection of Information Availability
Protection of
Information
Access
Protection of Information Reliability
SPA to secure ICT Assets
Understand Your Current Security State
www.ofisgate.com
Your organization may be vulnerable to attack from the outside or the inside if you remain unaware of security issues, simply ignore them or don’t sufficiently manage them. An attack may take down your network or lead to the theft of sensitive data — customer information, employee information or intellectual property. The ensuing loss of public trust or the failure to comply with regulations could result in severe financial repercussions. A major security breach could also cause irrevocable damage to your organization’s reputation.
To effectively protect your organization, you first need to evaluate where you stand in relation to industry best practices and regulatory requirements.
A gap assessment will help identify the most effective course of action based on your business objectives.
IMPACT
SOLUTION
Understand Your Current Security State
www.ofisgate.com
A ROADMAP TO A MORE SECURE NETWORK
Going much deeper than an ordinary assessment, the Internet Security Systems Information Security Assessment provides a comprehensive evaluation of your information security posture. Based on the globally recognized ISO 17799 standard and industry best practices, the assessment by Ofisgate Sdn Bhd security experts will thoroughly document the results and provide you with specific recommendations for mitigating the identified risks and improving overall security posture
Benefits Of the Information Security Assessment
www.ofisgate.com
Provides a clear understanding of current information security risks
Identifies the potential impact of vulnerabilities on your network infrastructure
Raises internal awareness of information security risks
Enables more informed decision-making and identifies the gaps in organizational security controls, policies and processes
Provides a specific, actionable plan to improve overall security posture based on business needs
Enables you to proactively address security issues before they are exploited
Helps to meet regulatory compliance requirements
SPA Scope of Work
www.ofisgate.com
This document is intended to show and analyze network security issues to the management and technical staff. The audit report outlines:
Network Assessment
Host / Server Security Assessment
Application and Database Assessment
Physical Assessment
ICT Security Policy Assessment
Penetration Test (Internal & External)
Reporting / Recommendation / Presentation
Transfer of Technology (ToT) & Hands-On Security Training
Project Timeline
www.ofisgate.com
Pre Assessment Assessment Post
AssessmentProject
Handover
SPA Project Phase
www.ofisgate.com
Pre
Asse
ssm
ent
Project Planning and initiation
Customization of assessment procedures
Asse
ssm
ent
Network AssessmentHost/ Server
Security Assessment
Application and Database
AssessmentPhysical
AssessmentICT Security Policy
AssessmentPenetration Test
(Internal & External)
Post
Ass
essm
ent
Reporting / Recommendation/
Presentation
Transfer of Technology (ToT) & Security Hands-On
Training
Network Design Audit and Network Parameters Evaluation
www.ofisgate.com
BTM WAN Network
Internal Datacenter Network
BTM NOC
Internal and External Network Devices Assessment
www.ofisgate.com
7 Types
1 Firewall
1 Content Filtering / IPS
1 Email Security Gateway
3 Wireless Appliances3 Routers
1 Core Switch and 2 Access Switches
1 AV Admin Server, 2 AV
District Hosts and 4 user PCs
Example
Host / Server and Desktop Security Assessment
www.ofisgate.com
Example
2x Branches
User
DMZ
Server
Farm
HQ User
Application and Database Security Assessment
www.ofisgate.com
Example
One (1) Portal Five (5) Web Applications
Two (2) My SQL Database
Two (2) Oracle Database
Operating System & Configuration Management
www.ofisgate.com
Example
10 Windows Hosts
5 Linux Hosts
3 HQ Users
3 District Users
21 Hosts
Physical and Environment Security Audit
www.ofisgate.com
One (1) Customer a Datacenter
One (1) NOC
Example
ICT Security Policy Assessment / Review
www.ofisgate.com
One (1) Customer A ICT Security Policy
Example
Internal Penetration Test
www.ofisgate.com
Server Farm DMZ
HQ User 2x District User
Example
External Penetration Test
www.ofisgate.com
Example
9 Hosts
One(1) Email
One (1) Agency Portal
Seven(7) Web Applications
Report Presentation
www.ofisgate.com
Example
Six (6) Reports
Including (1) Executive Summary
Report
Report Presentation
Security Awareness
www.ofisgate.com
One (1) Security Awareness Session
Training
www.ofisgate.com
Three (3) Network Security Hands-On
Training
Tools
www.ofisgate.com
Nikto2
MATASANO Flint Firewall Checker
www.ofisgate.com
Thank You
For contact information:
OFISGATE SDN BHD (610820-A)2-15, Jalan Jalil Perkasa 13,Aked Esplanad, Bukit Jalil,
57000 Kuala Lumpur, MALAYSIA.
Tel: +603 8994 0778Fax: +603 8994 0779
For enquiries about our products, services or to schedule a sales presentation: