Network Security Management

Network Security Management

Diverse Networks, LLC works directly with both Sage Data Security and Security Management Partners for their customers' security needs. Sage and SMP are independent information security firms specializing in IT Audit and Risk Assessment. They do not sell hardware or software...all they do is data protection. Sage and SMP clients include banks, hospitals and large corporate accounts where compliance and secure customer information are a top priority. Most companies are already doing a vulnerability assessment at some point during the year to ensure they are keeping private information safe from unauthorized entities on the internet. Sage and SMP emulate these ‘hackers' in an effort to document a report that shows what your network looks like to the public, where any loopholes may exist, and how to remediate those vulnerabilities. With both Sage and SMP, Diverse offers another resource for our customers to decrease risk as well as their expenses related to these services.

Network Assessments

External– performed from an outsider’s perspective, usually across the internet, identifies publicly accessible vulnerabilities and determines what information is available to hackers.

Internal – performed from inside the network to determine how much information a disgruntled employee or contractor can acquire without detection.

Wireless – assesses the security of an authorized wireless network while identifying rogue access points, maps an area’s wireless activity, and shows signal leakage.

Dial-Up – identifies unauthorized modems that could allow remote access and tests known modems for security weaknesses.

Application – in-depth probing to fully test access controls and to identify configuration deficiencies and security vulnerabilities.

Regulatory Compliance – assesses the gaps between the existing security posture and regulatory requirements and verifies compliance through repeated testing.

Operational Assessments

Examine existing infrastructure design for weaknesses and existing operational controls to determine if they are adequate to protect information assets and if they are being followed on a day-to-day basis.

Information Risk Assessment – an in-depth evaluation of the existing Risk Management process to determine if it is adequate to protect business assets and complies with regulatory requirements.

Security Policy and Procedure Review– verifies policies are comprehensive or identifies areas requiring improvement and reveals gaps between operational controls and those mandated by existing policies.

Architectural and Firewall Review– includes examination of network topology, rulebases and device configuration along with first hand observations and direct questioning to determine adequacy of existing controls.

Physical Security Review– identifies areas of security risk around and within the facility and examines processes for gaining physical access to restricted locations.

Social Engineering Assessment – uses means such as lies, impersonation, and subversive access attempts to test the strength of a existing policies, staff training, and technical controls.

IT Controls Assessment– identifies relevant systems and processes, determines the effectiveness of existing controls and practices, and comments on Quality of Risk Management and Aggregate Risk.

Intrusion Detection & Intrusion Prevention Systems – testing to verify the system is working properly and response complies with stated procedures.

Consulting Services

Whether responding to an information security incident, developing compliant policies or assisting in the development of a security strategy, SMP offers a variety of security experience in preventive, detective, and corrective services.

Incident Response – helping organizations develop incident response plans, provides experts to minimize damages, preserve evidence and investigate root causes of a computer incident.

Forensics – with investigative protocol derived from stringent law enforcement standards, we work with an organization to achieve the proper retrieval of evidence and perform analysis of data to be used as evidence in a court of law.

Security Advisory Program – the dedicated “Security Advisory Team” offers an on-call resource to field questions and propose solutions related to technologies, network topology best practices, and regulatory compliance issues.

Security Policy Creation – customize security policies that are relevant to an organization, are compliant with regulatory requirements, and address the business objectives of the organization while operating within its cultural boundaries.

DR/BCP Development and Assessment – evaluate the existing plan’s ability to prepare and respond to disasters, accidents, and tragedies and return to operations as normal with minimum downtime or develop a plan if none exists.

Digital Forensic Services

The need to protect customer and company data grows increasingly important. Maintaining reputation and avoiding costly legal battles are just two critical concerns. Today, organizations must not only identify and stop improper use of information and systems, they are often challenged to investigate further to obtain digital evidence. Such investigations demand specialized skills that often exceed in-house expertise. Providing the forensic expertise necessary to appropriately collect and examine key electronic evidence.