Security Services Group OverviewAn introduction to the Applications Services Group
ACTG offers end-to-end security solutions that streamline security technologies and management processes to mitigate the security risks in organizations. The prime goal is to enhance the ROSI (Return on Security Investment) of our customers by enhancing IT security, reducing administration & operational costs and improving productivity.
Security audit:A security audit is conducted to assess the overall security of the customer's network, using well-defined procedures and checklists. This helps identify security loopholes in design, implementation and practices in the network. Application auditAn application audit involves reviewing and assessing issues of functionality vis-à-vis business requirements, input / output / processing controls, auditability, internal controls built-in at the application software level, database level, server and client applications, implementation of separation of duties, password management, programming standards and quality assurance, software development methodology, change and version control management, and back-up and restore procedures. Vulnerability assessmentIndustry standard remote vulnerability assessment tools like Tenable Passive Vulnerability Scanner (PVS), The Hackproof vulnerability scanner and other tools and techniques are used to analyze the vulnerabilities of a system / network, get a hacker's eye-view of the system and identify security holes which can be exploited by a remote attacker to compromise the network. Server hardeningServer hardening is the first line of defense against a possible intrusion. ACTG trains the system administrators on the best practices to be followed to maintain secure servers and methods to update security patches and monitor security logs, to identify possible security breaches and track defaulters. Information security policiesSecurity policies are the primary building blocks for every successful information security effort. At Aequor, we conduct risk analyses to locate likely threats and the security requirements; gather the required information using well-defined checklists and procedures, and then develop a security policy based on the existing standards, and corresponding baseline standards, guidelines, and procedures for implementing the security policy. Penetration testingPenetration testing is used to analyze the vulnerabilities of a system / network remotely. The ACTG team performs penetration testing in accordance with the open source security testing methodology manual (OSSTMM) and the open web application security project (OWASP). Business continuity planning / disaster recovery planningBusiness continuity / disaster recovery plan (BCP / DRP) is a comprehensive statement of consistent actions to be taken before, during and after a disaster. The Group conducts a business impact analysis and a risk analysis to identify the areas that would suffer the greatest financial and operational loss in the event of a range of possible disasters, including natural, technical and human threats.
|
