Ofisgate CorporateSecurity Posture Assessment(SPA)

Headquarters:Ofisgate Sdn Bhd (610820-A), 2-15 Jalan Jalil Perkasa 13Aked Esplanad, Bukit Jalil, 57000 Kuala Lumpur, Malaysia

Regional Office:Ofisgate (s) Pte Ltd, 205B Thompson Road,Goldhill Centre, Singapore

L e a d i n g I C T s o l u t i o n c o m p a n y

www.ofisgate.com

Understand Your Current Security State

www.ofisgate.com

Understanding your organization’s security state and identifying vulnerabilities is the first step toward protecting the confidentiality ,

integrity and availability of critical data. It is also an important component for achieving regulatory compliance.

Protection of Information

Integrity

Protection of Information Availability

Protection of

Information

Access

Protection of Information Reliability

SPA to secure ICT Assets

Understand Your Current Security State

www.ofisgate.com

Your organization may be vulnerable to attack from the outside or the inside if you remain unaware of security issues, simply ignore them or don’t sufficiently manage them. An attack may take down your network or lead to the theft of sensitive data — customer information, employee information or intellectual property. The ensuing loss of public trust or the failure to comply with regulations could result in severe financial repercussions. A major security breach could also cause irrevocable damage to your organization’s reputation.

To effectively protect your organization, you first need to evaluate where you stand in relation to industry best practices and regulatory requirements.

A gap assessment will help identify the most effective course of action based on your business objectives.

IMPACT

SOLUTION

Understand Your Current Security State

www.ofisgate.com

A ROADMAP TO A MORE SECURE NETWORK

Going much deeper than an ordinary assessment, the Internet Security Systems Information Security Assessment provides a comprehensive evaluation of your information security posture. Based on the globally recognized ISO 17799 standard and industry best practices, the assessment by Ofisgate Sdn Bhd security experts will thoroughly document the results and provide you with specific recommendations for mitigating the identified risks and improving overall security posture

Benefits Of the Information Security Assessment

www.ofisgate.com

Provides a clear understanding of current information security risks

Identifies the potential impact of vulnerabilities on your network infrastructure

Raises internal awareness of information security risks

Enables more informed decision-making and identifies the gaps in organizational security controls, policies and processes

Provides a specific, actionable plan to improve overall security posture based on business needs

Enables you to proactively address security issues before they are exploited

Helps to meet regulatory compliance requirements

SPA Scope of Work

www.ofisgate.com

This document is intended to show and analyze network security issues to the management and technical staff. The audit report outlines:

Network Assessment

Host / Server Security Assessment

Application and Database Assessment

Physical Assessment

ICT Security Policy Assessment

Penetration Test (Internal & External)

Reporting / Recommendation / Presentation

Transfer of Technology (ToT) & Hands-On Security Training

Project Timeline

www.ofisgate.com

Pre Assessment Assessment Post

AssessmentProject

Handover

SPA Project Phase

www.ofisgate.com

Pre

Asse

ssm

ent

Project Planning and initiation

Customization of assessment procedures

Asse

ssm

ent

Network AssessmentHost/ Server

Security Assessment

Application and Database

AssessmentPhysical

AssessmentICT Security Policy

AssessmentPenetration Test

(Internal & External)

Post

Ass

essm

ent

Reporting / Recommendation/

Presentation

Transfer of Technology (ToT) & Security Hands-On

Training

Network Design Audit and Network Parameters Evaluation

www.ofisgate.com

BTM WAN Network

Internal Datacenter Network

BTM NOC

Internal and External Network Devices Assessment

www.ofisgate.com

7 Types

1 Firewall

1 Content Filtering / IPS

1 Email Security Gateway

3 Wireless Appliances3 Routers

1 Core Switch and 2 Access Switches

1 AV Admin Server, 2 AV

District Hosts and 4 user PCs

Example

Host / Server and Desktop Security Assessment

www.ofisgate.com

Example

2x Branches

User

DMZ

Server

Farm

HQ User

Application and Database Security Assessment

www.ofisgate.com

Example

One (1) Portal Five (5) Web Applications

Two (2) My SQL Database

Two (2) Oracle Database

Operating System & Configuration Management

www.ofisgate.com

Example

10 Windows Hosts

5 Linux Hosts

3 HQ Users

3 District Users

21 Hosts

Physical and Environment Security Audit

www.ofisgate.com

One (1) Customer a Datacenter

One (1) NOC

Example

ICT Security Policy Assessment / Review

www.ofisgate.com

One (1) Customer A ICT Security Policy

Example

Internal Penetration Test

www.ofisgate.com

Server Farm DMZ

HQ User 2x District User

Example

External Penetration Test

www.ofisgate.com

Example

9 Hosts

One(1) Email

One (1) Agency Portal

Seven(7) Web Applications

Report Presentation

www.ofisgate.com

Example

Six (6) Reports

Including (1) Executive Summary

Report

Report Presentation

Security Awareness

www.ofisgate.com

One (1) Security Awareness Session

Training

www.ofisgate.com

Three (3) Network Security Hands-On

Training

Tools

www.ofisgate.com

Nikto2

MATASANO Flint Firewall Checker

www.ofisgate.com

Thank You

e: sales_enquiries@ofisgate.com

For contact information:

OFISGATE SDN BHD (610820-A)2-15, Jalan Jalil Perkasa 13,Aked Esplanad, Bukit Jalil,

57000 Kuala Lumpur, MALAYSIA.

Tel: +603 8994 0778Fax: +603 8994 0779

For enquiries about our products, services or to schedule a sales presentation: