Our Methodology  

Analyse existing network security deployed on the customer’s network

Redesign the network security using Condyn’s structured methodology

Integration of Existing Technology used as far as possible to provide best ROI possible

Present and get sign off on the new solution

Implement and install the new design using certified security specialists

Maintain and support the new solution

Revisit the existing deployment and enhance if and when required

Compliance

Definition:

Compliance is undertaking activities or establishing practices or policies in    accordance with the requirements or expectations of an external authority.

In South Africa the public and private sector need to comply with Legal and Regulatory requirements like:

Public Finance Management Act

Regulations for the Interception of Communications Act

Electronic Communications and Transactions Act

Promotion of Access to Information Act

Companies Act

Privacy Regulations

Archiving Act

Copyright Act

Film and Publications Act

Financial Intelligence Centre Act

ISO 27001:2006

COBIT

PAS 56

ITIL

Minimum Information Security Standards

Occupational Health and Safety Act

Concerns:

Which of these laws are applicable to my business? How do I comply on these requirements?

Solution:

All the requirements might not be applicable to your organization but many are standard. We will assist you with these requirements on request.

Based on this Legal and regulatory requirements, the information systems need to be able to provide the following functionality:

Risk and Vulnerability Assessments

Control and manage changes on servers, databases and network devices.

Ensure corporate policies are adhered to by deploying a Policy management Tool – Ensure policy is read and understood by adding a test to ensure end user has read and understood the policy..

Vulnerability assessments – Ensure assessments are done and reports are provided to ensure compliance are met

Messaging Security

Concern:

How do I prevent unsolicited mail or spam mail reach my corporate mail system which in return will result in increased end user productivity and  at the same time protect my organization?

Solution:

Ensure that the following points are addressed to ensure productivity is kept as well as protecting the company critical information

Clean mail - Providing mail to the corporate mail system after all spam and viruses and content has been scrubbed resulting in saving storage space and increased productivity by employees.

Outbound filtering of all mails to ensure compliance is met

Regulatory compliance ensures that confidential documents and information does not leave the corporate mail network

Secure Mail – Encryption of outgoing mail to specific users to ensure that confidential documents are not intercepted and made public or used by competitors

Forensic email archiving

Perimeter Security

Concern:

Can I regulate my employee’s usage of the Internet and limit their productive access as well as ensure hackers cannot attack and access your network?

Solution:

Ensure that your network is fully protected from the outside as well as from the inside by deploying solutions that provide the following

IPS/IDS

Protects the network from internal and external hidden attacks

Protect your internal network against DDOS attacks

Firewalls

Ensures internal network is protected from external attacks

Providing WEB filtering

IPS

AV

Remote access via SSL or VPN

Web Filter

URL Filtering allowing controlled access to a web site

Protecting against hackers

Application Scanning

Data Leakage prevention

Endpoint Security

Concern:    

Can I be sure that our PC/Laptop has not been compromised and that no Intellectual Property has been removed from the company?

Solution:

Deploy solutions that cover some or all of the following

Access Control with a choice between  tokens, cards or challenge response

Mail Encryption per user

Application control – Only approved applications will become active thus preventing unauthorized applications running on the PC/Notebook

Device control – Mobile devices and various USB devices are managed

Encryption on removable media

Device Encryption – PC, Notebook

Patch Management of all software on the device

Hard Drive Encryption

Pre Boot Authentication

Remote Access

Concern:

How can I securely access my network when not at work?

Solution:

Ensure a secure solution is deployed that allows for remote access

Secure access from anywhere in the world even behind external firewalls

Secure authentication using SMS or software on a mobile device

Encrypted access – PC’s, Notebooks and many Mobile Devices

Encrypted data communication via any network link

Data Protection

Concern:    

How can I assure that my data and information is protected on the internal network.

Mail

Is your electronic mail always available?

Can you retrieve lost mail?

Is your electronic mail confidential?

Databases

Is your database secure and protected against hackers and internal administrative staff?

Can you ensure critical data cannot be extracted and provided to competitors or criminal elements

Solution: Deploy solutions that ensure that you can prove that your data is secure and that access to this data is managed

Forensic Mail Archiving

Forensic Archiving of all e- mail

Regulatory compliance

Inbound, outbound and internal e- mail

All electronic mail platforms supported

Ability to retrieve any e- mail in a controlled environment in minutes

Database encryption

Ensure only critical data is encrypted as encrypting all data will slow response down and will affect user access and response times

Ensure compliance is met by proving that critical data is encrypted

Professional Services

Concern:

How will I be able to ensure continuous support from initiation to daily 24*7 support from specialists?

Solution;

Condyn offers a service agreement to our clients for their unique requirements through customization. We strongly believe that each client has their own unique requirements.

Professional Security Design and consulting

24*7 support through remote access and when required on site support

Monitoring of security devices

Managing of Message security

Assistance with Audit reviews

Cloud services:

Concern:

I do not have a Capex Budget. What else is on offer that can assist me to make it more affordable?

Solution:

To assist our customers, we have negotiated Software as a Service solution on some of our product portfolio and we will continue

SAAS Services

Mail scrubbing to ensure only acceptable mail is forwarded to the customers network – ensures saving of bandwidth

Encryption of mail – Per user subscription

Encryption of USB – Per user subscription  (Remote “Kill” function if needed

Encryption of files and directories – Per user subscription  

Management and Reporting

Concern:             

Do you know which assets to protect from which threats?

Can you enforce your security?

Have you got a real view on your security in your network and can you provide management reports as well as detailed technical reports on changes and attacks on the network?

Solution:

Comply with regulatory requirements for log data collection, analysis, reporting, archival and retrieval