SecureDevice Security Management
With SecureDevice Security Management (SDSM), the enterprise gets a security installation comprising, e.g., IBM QRadar, IBM Security Network Intrusion Prevention System, Cisco Firepower, HCL BigFix and / or HCL AppScan adapted to the needs of the enterprise and security. The technical solution will be combined with SecureDevice Security Surveillance (SOC / SAC) adapted to the needs of the enterprise from quarterly meetings to security monitoring 24/7/365.
SecureDevice Security Management is designed to help your enterprise with deriving the maximum benefit from its investment, irrespective of whether it is a new solution or additional products or services that are to be integrated into the existing IT infrastructure.
At SecureDevice, we help our customers to define their business needs and requirements for their future IT security solution that ensures that customers always get a solution that meets their current and future needs.
SecureDevice’s competence comprises experience from top 300 companies in Scandinavia and technical knowledge, implementation and servicing of market-leading products.
At SecureDevice, we have chosen to be experts in IBM’s security solutions such as IBM QRadar, IBM XGS IDS/IPS, HCL AppScan, HCL BigFix and IBM Guardium. In addition, we are certified for Check Point, Cisco, McAfee, Carbon Black, Palo Alto and Flexera.
SecureDevice Security Management comprises 5 phases:
- Establishing the requirements.
- Proof of Concept.
- Design.
- Implementation.
- Security Management.
Each part is weighted equally high to ensure that the customer gets the optimum solution.
Establishing the requirements
In this phase, SecureDevice is in close dialogue with the customer about the customer’s technical set-up, combined with a knowledge of current security threats and future threats within the next 3-5 years. This makes it possible for SecureDevice’s security consultants to provide the customer with optimal consultancy advice and recommendations for the future IT security solution.
Our security consultants will help the customer by means of the following tasks:
- Establish the enterprise’s business requirements and needs.
- Establish the enterprise’s IT requirements and needs.
- Identify the enterprise’s current IT security solutions.
- Identify the enterprise’s current IT security level.
- “GAP”-analysis: Which IT security areas have been overlooked by the enterprise.
- Security audit – real-time analysis of all events.
- Description of future needs and risk.
- Definition of IT security projects.
This phase ends with a report with recommendations for which IT security measures the enterprise should implement within the next 0-3 years.
Proof of Concept
In this phase, SecureDevice will test the various IT security solutions at the customer’s premises in order to see how these fit into the customer’s network, and whether they meet the customer’s requirements and needs which were defined in phase 1.
The process will comprise the following activities:
- Set-up of technology in the customer’s network.
- A test period of approximately 30 days, where the technology is transparent in the network.
- Removal of technical equipment.
- Preparation of a report on observations and whether the technology meets the enterprise’s requirements and needs.
Design
In this phase, SecureDevice’s security consultants are in close dialogue with the customer about their network and IT security solutions. An assessment will be made of the current IT security set-up, and a recommendation will be made of the future IT Security set-up.
A design proposal will be prepared of how, e.g., IBM QRadar or IDS/IPS system can fit into the customer’s network, or how the process and the configuration of the web vulnerability scanner (Appscan) should be implemented to derive the greatest possible benefit.
Implementation
In this phase, the solution or solutions will be implemented in the customer’s network. SecureDevice will be the driving force in the process and ensure a successful implementation for the customer through continuous milestones, assessment and adjustments of the system. SecureDevice takes on responsibility for the implementation of the whole project if so required by the customer.
The normal implementation process may take from 14 days to 6 months, depending on the size of the project.
The process will comprise the following activities:
- Start-up meeting.
- Set-up of technology in the customer’s network – transparent.
- Review and assessment of the collected data.
- Baseline – adjustment of policies and configuration of the systems.
- Set-up of reports and dashboards.
- Activation of proactive security policies.
- Commissioning.
Security Management
When an IT security solution is commissioned, it is important to continually maintain the solution so that it always suits the customer’s needs, network, and, not least, future IT-security threats.
SecureDevice offers Security Management for the customer’s IT-security solutions. SecureDevice will continuously remotely monitor the IT-security solutions, and a SecureDevice security consultant is present on-site at the customer’s premises each week / month and undertakes a security analysis of all the acquired alarms and events that the system has collected in the period. This will ensure that the system is optimised at all times for the customer’s IT environment.
The security consultant will draw up a report with recommendations of which security areas the customer should examine more closely, and proposals for amendments, thus ensuring that the customer always has a high level of IT-security.
The service will, by default, comprise the following activities that can be adapted to the needs of the customer:
- On-going review and assessment of all alarms and events.
- Downgrading or upgrading of alarms and events.
- Installation of all updates and patches.
- Delivery of the Management report.
- Preparation and examination of the security report.
Several services