|
 |
 Verizon FNS takes a practical approach to security solutions, focusing on operational needs, associated risks and potential cost to devise an optimal strategy that offers the best value with an acceptable level of risk. We follow a focused four step process from Assessment, Mitigation, Test and Certification through on-going Maintenance and support as part of our Managed Security Services to ensure continued secure operations throughout the systems life cycle.
Information Security Assessments
Verizon FNS relies on a disciplined methodology to review and understand the current security environment. We work with you to identify and prioritize critical sources of information, processes and systems, and their interrelationships. This approach assists in identifying potential vulnerabilities and possible solutions to mitigate the vulnerabilities. The result provides a framework for on-going information security management.
Security Program Policy Review and Development
Verizon FNS Security Consultants first evaluate existing security policies for completeness, consistency and compliance with appropriate regulations and guidelines. Upon completion of the evaluation, we provide a gap analysis with prioritized recommendations to strengthen the policies. For organizations just starting out, Verizon FNS will author appropriate security policies to address critical needs and develop a plan for implementation.
Risk Assessments
Verizon FNS utilizes a formal risk assessment process to identify potential threats to networks and systems. We take a holistic approach by examining five protection zones: physical, personnel, administrative, communications, and computer systems. For each zone, we identify assets and their business value, determine potential threats, identify the probability of occurrence, the potential impact and recommend safeguards to mitigate the risk. We perform a cost/benefit trade-off analysis to identify a solution consistent with the acceptable level of risk.
Vulnerability Assessments
Verizon FNS utilizes a structured methodology and state of the art tools to examine system security procedures, design, implementation and internal controls to identify known or published vulnerabilities within the enterprise. Our Security Engineers provide a clear and concise report with specific recommendations to correct or mitigate the vulnerabilities.
Penetration Test
Verizon FNS performs tests that involve scanning or probing of networks to identify security vulnerabilities and vulnerability exploitation tests in an attempt to gain access to information resources. We use automated tools, live penetration attempts using hacker techniques and tools, war dialing and other combinations of access methods. Upon completion of the test, we provide a report detailing vulnerabilities uncovered by the test and recommendation to resolve or mitigate the vulnerabilities.
|
|
|
