Information Security Services
The key information security standards
around which Suma Soft provides these consulting services are
BS7799, ISO27001 and PCI DSS.
ISO 27001 is a standard published by
the International Organization for Standardization (ISO) and defines
an Information Security Management System (ISMS) and complements the
ISO/IEC 17799 (BS 7799-1). ISO 27001 is a standard designed to
ensure the selection of security controls that protect information
assets and give assurance to stakeholders including customers.
The PCI DSS, a set of comprehensive requirements for enhancing
payment account (credit card) data security, was developed by the
founding payment brands of the PCI Security Standards Council,
including American Express, Discover Financial Services, JCB
International, MasterCard Worldwide and Visa Inc., to help
facilitate the broad adoption of consistent data security measures
on a global basis.
The PCI DSS is a multifaceted security standard that includes
requirements for security management, policies, procedures, network
architecture, software design and other critical protective
measures. This comprehensive standard is intended to help
organizations proactively protect customer account data.
Suma Soft engages with its clients and provides an end-to-end
solution that comprises:
- Development of the organization's security framework, consisting of
  security policies and procedures
- Identification of the current implementation of policies and
  procedures, and identification of gaps
- Mapping of current network infrastructure and its security by
  identification of access control, secure storage of sensitive
  information, vulnerability management practices and
  identification of gaps
- Implement changes to eliminate the gaps from process and
  infrastructure areas
- Do internal audits to ensure processes and systems meet required
  standards
- Hand-hold clients during external audits