Information security is the most vital business enabler for all corporate organizations. Challenges faced in protecting critical assets like data and information need a solid and robust security framework that can detect, prevent and blocks malicious attempts to steal or misuse these vital resources.
Oncorre’s Information Security services, aimed at helping companies achieve continuous real time network monitoring and proactive security intelligence to ensure safety, availability and reliability of information can be classified into the following broad spectrum.
Security Governance and Compliance
Oncorre’s umbrella services in Security Governance, Risk and Compliance helps organizations evaluate operational controls and ensure that controls and processes achieve Governance and compliance to required norms.
Network and System Security
Oncorre has a comprehensive suite of services for network and system security assessment that ensure information processed by a set of network devices, servers and systems are configured to stringent protocols that eliminate security risks.
Identity and Access Management
IAM (Identity and Access Management) protects unauthorized access to vital information by implementing best of breed access management systems that ensures only authorized people get access based on roles and needs.
Information Technology and Systems Audit
Information Technology and Systems Audit helps organizations highlight business risks due to inadequacy of controls for live systems and the infrastructure supporting them. Oncorre’s auditing services are classified into Application Audits and Technical Audits.
Subject applications in production to verification of controls from the business process perspective which may be administrative controls or controls embedded in the application. Auditors will evaluate the complete logical security related to authentication, authorization and the configurations around that.
Identify vulnerabilities with respect to operating systems, network devices and public websites and all IT operational controls are also assessed from the control risk perspective. Technical Audits include areas like Data Centre, BCP & Testing, Risk Assessment, Network Architecture and Components, Email Services, Active Directory Services, IT General Controls and Information Security Policy Compliance
Business Continuity and Disaster Recovery
Organizations rely heavily on infrastructure items for information processing and it is vital for infrastructure systems to have continuous uptime and be robust enough to handle contingencies. Oncorre assess organizations from the Business Continuity Perspective and recommends the recovery strategy and the plan of action for implementation.
Oncorre helps organizations assess application security requirements with respect to business and development processes. Application audit also forms the part of Application Security.
Vulnerability Management services identifies susceptibilities for critical servers and network devices and recommends best practices for handling the vulnerabilities. Penetration testing is done on servers and network components exposed to the internet as also wireless access points.
Log management & analysis
Log management and analysis involves analysis of security logs and action on exceptions.
Manage security operations
Security operation services include antivirus management, patch management, tool maintenance and license management.
Security Device Management
Security device management involves managing the network perimeter, intranet, extranet, servers, desktops and laptops.