Information Security Policy and Procedure Development

Sysnet’s security professionals are your trusted advisors with the expertise and experience to help you develop an effective and efficient information security strategy. This includes the supporting policies and procedures to suit your business requirements and bolster or improve the information security posture of your organisation. Our consultants provide expert advice on the creation, implementation and reinforcement of information security policies and procedures that aim to improve your information security practices without creating unnecessary administrative overhead. The objective of this service is to assist your organisation in identifying and deploying information security policies and procedures and to provide innovative solutions for how they should be managed and maintained.

For example, there are a number of ongoing processes required to maintain compliance with the PCI DSS. While these may be described as ‘in place’ during a gap analysis, a Qualified Security Assessor (QSA) or Qualified Forensic Investigator (QFI) would expect to be able to review evidence of each of these processes having taken place over the course of a year in the event of an on-site audit or a forensic investigation following a data compromise. Some of these ongoing maintenance requirements are outlined below:

  • An annual review of Security Policy incorporating a formal Risk Assessment 
  • An annual review of security controls 
  • An annual penetration test 
  • A quarterly internal vulnerability scan 
  • A quarterly external vulnerability scan 
  • Formal periodic security training for staff members with security responsibilities
  • Annual security awareness training for non-technical staff 
  • A periodic test of incident response procedures 
  • An annual rotation of data encryption keys 
  • A quarterly rotation of Wireless Encryption keys 
  • A periodic destruction/purging of (hard and soft copy) data older than a company approved retention period 
  • A periodic inventory of backup media

Similarly, ISO 27001 requires the ‘Plan-Do-Check-Act’ methodology for continuous improvement and periodic assessment of your Information Security Management System (ISMS). Sysnet works with you to design and implement comprehensive security best practices, including the definition of roles and responsibilities, key asset identification, sensitive information inventory, change management, internal audit, physical security, network security, security in systems development, user management, user education and compliance maintenance.

For further information on our Information Security Policy and Procedure Development service, please contact one of our Sales representatives by calling +353 (0)1 495 1300 or by completing our Online Enquiry Form or Request a Call Back Form.

Alternatively, for a full list of contact details for our worldwide offices, please click here.

Also, please feel free to visit our resource centre for helpful articles, latest news, videos, wikis, case studies and useful links related to industry topics and terminology.
