Security swings between two extremes; crisis management and "fortress" syndrome.

In reality, security is a process, not a product.

This simple slogan contains a number of truths. First, there's no single product that will make an organization secure. The security marketplace is full of products positioned as "one-size-fits-all" security solutions. It's also important to understand that just as security transcends the selection and installation of products; it also refuses to be confined by traditional project timelines. There will never be a time when security is "finished".

The three pillars to achieve security goals are Confidentiality, Integrity and Availability often referred to as the CIA goals!

Confidentiality: The assurance that any given piece of information is accessible only to appropriate parties. Secrets should be known only to those authorized to know them. In practical terms, efforts aimed at providing proper degrees of confidentiality begin with information classification (deciding which pieces of the organization's information are public, vs. for internal use only, vs. secret even within the organization, etc.), and the engineering of ways to keep data properly compartmentalized.

Integrity: The assurance that information is not altered inappropriately. It should not be possible for unauthorized parties to tamper with an organization's data, or to forge information or transactions. Efforts to increase confidence in information integrity tend to focus on restricting degrees of access to information, making data tamper-evident, and providing accounts of how and when information has been viewed or altered.

Availability: The assurance that critical information will be accessible and necessary services will be operational when needed. Well-kept secrets and tamper-proof information are are of minimal help if there's no reliable way of using them. Efforts to enhance availability centre on system stability, and the elimination of single points of failure.

Security IT Review

1. The security review is an analysis of existing security postured against the ISO1779 standard.
2. The security architecture is a review of the current data communication network and system infrastructure.
3. The internal vulnerability assessment is an assessment that identities the system's vulnerabilities internally.
4. The external vulnerability assessment is an assessment of the network infrastructure to identify critical vulnerabilities which must be addressed.
5. The security operational policy review.

The outcome of the Security IT review is the development of a security architecture design which will address and review findings, as well as create a road map that will help your organization remedy all probable threats.

agilIT has aligned with many visionary companies and industry leaders such as BioPassword, Cisco Systems, Citrix, Enterasys' Secure Networks, Fortinet, Nortel Networks, Sonicwall, Sophos Secured, Symantec, and WatchGuard. agilIT also has an array of expertise, backed by ITIL best practices to achieve the highest standard of protection for your organization.