Information Security

Can you trust your Information Technology Controls?

Have they been independently verified?

Information technology controls are specific information systems designed to allow support, oversight, and monitoring of business processes. IT controls include controls over the general information technology environment, computer operations, access to programs and data, program development and program changes. Because of the passage of the Sarbanes-Oxley Act, information technology controls have risen in importance.

General controls usually incorporate the following:
  • Change management procedures
  • Source code/document version control procedures
  • Software development life cycle standards
  • Security policies, standards and processes
  • Incident management policies and procedures
  • Technical support policies and procedures
  • Hardware/software configuration, installation, testing, management standards, policies and procedures
  • Disaster recovery/backup and recovery procedures

Every year, the Computer Security Institute (CSI) with the participation of the San Francisco Federal Bureau of Investigation's (FBI) Computer Intrusion Squad conducts an annual survey of commercial, government, and educational organizations to determine the status of cyber-security in the United States. According to the CSI/FBI 2005 Computer Crime and Security Survey of 699 respondents, 71% of respondents indicated that they had experienced a computer security breach from outside their network. 28% of respondents did not know, which means that the actual number of breaches was likely higher. Even more disturbing, is that 65% reported computer security breaches from within their organization, with 35% answering that they did not know.

Respondents estimated that financial losses from security breaches totaled over $130 million. The true cost is probably higher. Security breaches include many factors such as unauthorized access to information, viruses, hackers, theft, fraud, equipment sabotage, misuse of information, denial of service attacks, web site defacement, network penetration, abuse of wireless network, and employee abuse of the internet.

How can you be sure that your network is secure?

Security Awareness For Everyone (S.A.F.E.) is a new program that has been developed to counter network threats and allow you to concentrate on what you do best, manage your business.

A battle is being fought each and every day on your network: disappearing network resources, network congestion & lost passwords. Everyday, network disturbances can be caused by trusted employees or malicious hackers.

In today's increasingly vulnerable network environment, you must strengthen your network defense and protect your business by staying ahead of the threat with Gnostech's full range of protection services.

Gnostech's in-house security engineers have developed a comprehensive Information Assurance (IA) package for businesses based on industry leading products that are installed and configured by our team of dedicated security engineers. Termed Security Awareness for Everyone, S.A.F.E. allows business customers to secure their corporate IT environments in a low-cost, high-availability manner.

Gnostech Information Assurance specialists will perform a six-step process to ensure you and your network's infrastructure are protected from known vulnerabilities in a network environment: