Keeping your infrastructure and information protected.
The security of your IT infrastructure, including the information processed and stored, is of paramount importance in today's networked environment. Prolity provides a number of services to assess your company's IT environment and recommends safeguard implementations that will help keep both your infrastructure and your information protected.
Prolity's Security Profiling services includes:
Threat Risk Assessments (TRA);
Security Awareness Training
Privacy Impact Assessements (PIA);
Security Compliance Reviews; and
Security Infrastructure Assessments.
A Threat Risk Assessment is directed at the system infrastructure surrounding mission critical systems, processes and applications. The assessment handles every aspect of the IT system and the supporting processes. Prolity provides support in creating or reviewing a concept of operations (CONOPS) for your organization in order to correctly understand the scope of the system being analysed. Prolity follows the Harmonized Threat Risk Assessment (HTRA) methodology developed by CSE and the RCMP and is well versed in the Government Security Policy (GSP) and the Management of Information Technology Security (MITS).
Security Awareness Training is an essential piece to any security policy within as organization. Prolity provides tailor made training programs based on the CONOPS of your organization. Awareness sessions can be packaged material created for delivery by your organization or with the help of one of Prolity's trained moderators.
the inadvertent development of systems or launching of services that may be characterized as privacy invasive. For pre-existing programs or systems, a PIA helps identify remedial steps necessary to improve privacy protection. Prolity can measure both technical compliance with public or private sector privacy legislation, as well as the broader privacy implications of a proposed undertaking.
Security Compliance Reviews are periodic assessments of IT security program and practices to monitor compliance with corporate, government and departmental security policies and standards. These engagements involve a comprehensive review of all security risk management information gathered through activities such as Threat Risk Assessments, Audits, Business Impact Analysis, Privacy Impact Assessments, self-assessments, monitoring, security investigations and Vulnerability Assessments. Security Compliance Reviews are valuable in helping organizations to recognize deficiencies and implement remedial action.
A Security Infrastructure Assessment charts the existing security program and associated processes and philosophies with an organization at the Internet, Intranet, Extranet and Dial-in levels. We undertake a complete examination of your security infrastructure including security policy, roles and responsiblities, physical security, system access, network management, security administration, program change control and minimum baseline standards.