Security & Resilience
- Identity & Access Management (IAM)
- Data Loss Prevention (DLP)/Information Leakage
- Security Information and Event Management (SIEM)
- Securing the Extended Enterprise
- Technology Resilience (IT DR)
IAM helps clients to address access risks and improve the efficiency of access management in large and/or complex environments. Consumer business organisations often implement IAM solutions to address recurring access management issues and audit/control points.
Why is it an issue?
- Regulation requires demonstrable access management capabilities to be in place through access certification solutions and services
- To improve efficiency and controls – automated provisioning and reduced sign-on cut administrative effort while increasing control and business satisfaction.
Our solutions cover all components of IAM including:
- Access governance – implementation of a business-friendly control framework that consistently enforces policy across HR processes, IT infrastructure and application access
- Enterprise identity – provision of a framework for access control and user administration that is integrated with HR joiner, mover, leaver processes with a single mechanism for requesting access
- Customer identity – enable a streamlined customer registration process and a risk-based security framework across all products and services, with seamless network access for corporate customers
- Information rights management – gain control of digital information by securing and tracking where it is stored and how it is used
- Cloud identity services – provide a seamless user experience by integrating cloud-based services with internal access control through federation, and reduce helpdesk costs by automating user provisioning and password management
- Privileged access management – separate high-privilege capabilities from regular user capabilities, and implement a privileged user access management solution to audit access to administrative accounts
- Reduced sign-on.
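The joiner, mover, leaver integration and access certification described above come down to reconciling what HR says about a person against what the directory says about their account. The following is an added example of that reconciliation, not code from the original page or from any product: the HR feed, the role entitlement model, the directory export and all field names are constructed for illustration.

```python
"""Joiner/mover/leaver (JML) reconciliation: an added example of the kind of
access certification check an IAM programme automates. Assumptions: the HR
feed, the role entitlement model and the directory export below are
constructed sample data, and the field names are invented for this example."""
from datetime import date

# Constructed HR feed: employee, role and leaving date (None while employed).
HR_FEED = [
    {"employee_id": "E100", "name": "Ana",   "role": "store_manager", "left_on": None},
    {"employee_id": "E101", "name": "Ben",   "role": "cashier",       "left_on": None},
    {"employee_id": "E102", "name": "Chloe", "role": "dba",           "left_on": date(2024, 1, 15)},
]

# Role model: the entitlements each role is allowed to hold.
ROLE_ENTITLEMENTS = {
    "store_manager": {"pos_app", "stock_report"},
    "cashier":       {"pos_app"},
    "dba":           {"db_admin", "db_read"},
}

# Constructed directory export: account, HR owner, state, entitlements, last login.
ACCOUNTS = [
    {"account": "ana",       "owner": "E100", "enabled": True, "entitlements": {"pos_app", "stock_report"}, "last_login": date(2024, 3, 1)},
    {"account": "ben",       "owner": "E101", "enabled": True, "entitlements": {"pos_app", "stock_report"}, "last_login": date(2024, 3, 2)},
    {"account": "chloe",     "owner": "E102", "enabled": True, "entitlements": {"db_admin", "db_read"},     "last_login": date(2024, 2, 20)},
    {"account": "svc_batch", "owner": None,   "enabled": True, "entitlements": {"db_read"},                 "last_login": date(2023, 6, 1)},
]


def reconcile(hr_feed, accounts, role_entitlements, today, dormant_days=90):
    """Return (account, finding) pairs that an access certification should raise."""
    people = {p["employee_id"]: p for p in hr_feed}
    findings = []
    for acct in accounts:
        owner = people.get(acct["owner"])
        if owner is None:
            # No named person is accountable for this account.
            findings.append((acct["account"], "no named owner in HR feed"))
        else:
            if owner["left_on"] is not None:
                if acct["enabled"]:
                    # Leaver process failed: still enabled after the leaving date.
                    findings.append((acct["account"], "leaver still enabled"))
                if acct["last_login"] > owner["left_on"]:
                    findings.append((acct["account"], "login after leaving date"))
            # Mover / over-provisioning: entitlements outside the role model.
            excess = acct["entitlements"] - role_entitlements.get(owner["role"], set())
            if excess:
                findings.append((acct["account"], "excess entitlements: " + ", ".join(sorted(excess))))
        if acct["enabled"] and (today - acct["last_login"]).days > dormant_days:
            findings.append((acct["account"], "dormant account"))
    return findings


def run_example():
    return reconcile(HR_FEED, ACCOUNTS, ROLE_ENTITLEMENTS, today=date(2024, 3, 5))


if __name__ == "__main__":
    for account, finding in run_example():
        print(f"{account}: {finding}")
```

Run against the sample data, the check raises the findings a certification campaign would expect: a cashier holding a manager's report entitlement, a leaver whose account is still enabled and was used after her leaving date, and a service account with no named owner that has not logged in for months. The same logic runs unchanged against a real HR extract and directory export once the field names are mapped.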
High-profile data loss and leakage incidents caused by security breaches have attracted intense publicity and significant regulatory action against the organisations responsible. Despite this, data loss incidents are still common. The most common forms of information leakage remain unprotected data copied to removable media (USB/CD drives) and sent via email.
For consumer business organisations, where brand reputation is key and an increasingly significant proportion of revenue is generated through payment cards, this is an area of focus.
Why is it an issue?
- Organisations need to comply with a range of legislation and regulations including the Data Protection Act and PCI DSS
- There is a cost to getting it wrong, most significantly the reputational impact and a loss of confidence from customers and suppliers. As well as regulatory fines, a breach carries direct financial costs: the Ponemon Institute's 2008 annual study of the UK cost of a data breach put the average at £1.73 million per incident, or £60 per record.
- It is estimated that over 70% of all cases are due to insider negligence.
- A DLP assessment quantifies the amount and type of data that is being mishandled and helps to inform and quantify remediation activity
- A DLP implementation allows continual assessment, alerting and blocking of data movement and transfer actions that violate defined policies.
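Because payment card data and email are singled out above, the following added example shows the alert-or-block decision a DLP content policy makes on outbound mail. It is not code from the original page or from any DLP product: the internal mail domain (example.com), the card-number pattern, the policy thresholds and the sample messages are all assumptions constructed for this example.

```python
"""Outbound e-mail content check for payment card numbers (PANs): an added
example of the alert/block decision a DLP policy makes. Assumptions: the
internal mail domain is example.com, the card-number pattern and Luhn check
below are the detection rule, and the messages are constructed test data."""
import re

INTERNAL_DOMAIN = "example.com"   # assumed internal domain for the policy

# A run of 13-19 digits, optionally separated by single spaces or dashes,
# not embedded in a longer digit run.
_CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")


def luhn_ok(digits):
    """Luhn checksum, which every valid card number passes and most
    other digit runs (order numbers, phone numbers) fail."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def find_pans(text):
    """Return distinct Luhn-valid card numbers (digits only) found in text."""
    pans = []
    for m in _CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits) and digits not in pans:
            pans.append(digits)
    return pans


def mask(pan):
    """Keep only the last four digits when logging a match."""
    return "*" * (len(pan) - 4) + pan[-4:]


def apply_policy(message):
    """Policy: card numbers may never leave the company by e-mail (block);
    internal mail carrying them is delivered but raises an alert for review."""
    pans = find_pans(message["body"])
    external = not message["to"].lower().endswith("@" + INTERNAL_DOMAIN)
    if not pans:
        action = "allow"
    elif external:
        action = "block"
    else:
        action = "alert"
    return {"id": message["id"], "action": action, "pans": [mask(p) for p in pans]}


def scan_outbound(messages):
    return [apply_policy(m) for m in messages]


# Constructed sample messages, not real traffic.
MESSAGES = [
    {"id": 1, "to": "buyer@partner.example",
     "body": "Card 4111 1111 1111 1111 was declined; retry with 5500-0000-0000-0004. "
             "Order ref 1234567890123456."},
    {"id": 2, "to": "refunds@example.com",
     "body": "Please refund card 4111111111111111 for order 1234567890123456."},
    {"id": 3, "to": "buyer@partner.example",
     "body": "Order 1234567890123456 has shipped, call 020 7946 0958 with questions."},
]

if __name__ == "__main__":
    for decision in scan_outbound(MESSAGES):
        print(decision)
```

The Luhn check is what keeps the false positive rate tolerable: the 16-digit order reference in every message fails it and is ignored, while the two well-known test card numbers pass and trigger the policy. Logging only the masked value matters because the DLP log itself is otherwise a new store of card data in scope for PCI DSS.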
To make effective and informed decisions, consumer business (CB) organisations need to harness, process and make sense of potentially thousands of continuous information feeds relating to security events across a vast global technology estate.
SIEM supports effective incident detection by monitoring information from many sources, increasing the visibility of security threats. Implementing a SIEM system also reduces security operating costs by automating existing manual compliance checks.
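The kind of cross-source correlation a SIEM performs, as an added example that is not part of the original page: events from a VPN gateway and a directory server are parsed from a constructed log format, and one rule raises an alert when a successful logon follows five or more failures for the same user within ten minutes, whichever source the failures came from. The log format, field names, thresholds and sample lines are assumptions made for this example.

```python
"""Multi-source logon correlation: an added example of a SIEM detection rule.
Assumptions: the single-line 'key=value' log format, the source names (vpn, ad)
and the thresholds are invented for this example; the log lines are constructed."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events from two sources, already normalised to one format.
LOG_LINES = """\
2024-03-05T08:00:01Z vpn user=ben src=203.0.113.9 result=FAIL
2024-03-05T08:00:09Z vpn user=ben src=203.0.113.9 result=FAIL
2024-03-05T08:00:17Z vpn user=ben src=203.0.113.9 result=FAIL
2024-03-05T08:01:02Z ad user=ben src=203.0.113.9 result=FAIL
2024-03-05T08:01:40Z ad user=ben src=203.0.113.9 result=FAIL
2024-03-05T08:04:30Z ad user=ben src=203.0.113.9 result=SUCCESS
2024-03-05T09:00:00Z ad user=ana src=10.0.0.5 result=FAIL
2024-03-05T09:01:00Z ad user=ana src=10.0.0.5 result=SUCCESS
2024-03-05T12:00:00Z vpn user=ben src=198.51.100.7 result=SUCCESS
""".splitlines()

LINE = re.compile(r"^(\S+) (\S+) user=(\S+) src=(\S+) result=(\S+)$")


def parse(lines):
    """Turn raw lines into event dicts sorted by time; unparsed lines are skipped."""
    events = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        ts, source, user, src, result = m.groups()
        events.append({
            "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
            "source": source, "user": user, "src": src, "result": result,
        })
    return sorted(events, key=lambda e: e["ts"])


def correlate(events, threshold=5, window=timedelta(minutes=10)):
    """Alert when a SUCCESS for a user follows >= threshold FAILs within the window.
    Failures are counted per user across all sources, which is what a
    single-source tool cannot see."""
    failures = defaultdict(deque)   # user -> recent failure events
    alerts = []
    for e in events:
        q = failures[e["user"]]
        while q and e["ts"] - q[0]["ts"] > window:
            q.popleft()             # slide the window forward
        if e["result"] == "FAIL":
            q.append(e)
        elif e["result"] == "SUCCESS":
            if len(q) >= threshold:
                alerts.append({
                    "user": e["user"],
                    "src": e["src"],
                    "failures": len(q),
                    "sources": sorted({f["source"] for f in q}),
                    "at": e["ts"].isoformat(),
                })
            q.clear()               # a success ends the attempt sequence
    return alerts


if __name__ == "__main__":
    for alert in correlate(parse(LOG_LINES)):
        print(alert)
```

In the sample data the five failures for one user are split three on the VPN gateway and two on the directory server, so neither source alone reaches the threshold; only the combined view does, which is the point of feeding both into the SIEM. The later success at noon from a different address does not alert, because the failure window has long expired.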
Why is it an issue?
- Maintaining vigilance over the potential threats to an organisation's systems, applications and data, from both internal and external sources, can be complex and time consuming
- Protecting organisations through transitional projects such as integrations or mergers can be difficult to initiate, scope, sustain and complete.
Our SIEM services help clients to:
- Assess their current log monitoring
- Select a suitable product
- Design, build and deploy a SIEM system
- Develop business processes and associated roles and responsibilities to help ensure effective use of the SIEM system
- Train staff and raise awareness so that they understand how to use the SIEM system.
All CB organisations are highly reliant on third parties as part of their supply chain, and third parties are often also used to provide a flexible, high quality service to customers. As a result, sensitive information and resources may be shared with, or held by, external parties, and the organisation must rely on the third party's controls to protect assets such as personal or financial customer data.
Organisations are typically held accountable for data losses at their third party service providers. They therefore need to understand which third parties hold their information, what sensitive information is held, and whether the controls implemented are sufficient to protect it.
Why is it an issue?
- The Information Commissioner's Office (ICO) expects organisations to ensure that their third parties securely protect customer and employee data and to implement controls covering people, process and technology
- There is a cost to getting it wrong, including time incurred in responding to regulatory investigations and reputational implications
- Given the number of third parties with whom large organisations typically engage, assessing and managing them can be complex and time consuming, presenting budget and resourcing challenges.
Our extended enterprise security services help clients to:
- Review, categorise and prioritise their supplier base in order to determine what type of security assessments are required for each supplier
- Understand contract issues (e.g. is the contract silent on security, is there a right of audit, are responsibilities for co-sourced services clearly defined etc.)
- Execute supplier assessments ranging from Control Self Assessments (CSA), short 1-2 day assessments through to deep risk assessment covering multiple days/weeks
- Gain insights into third parties' attitudes and practices
- Establish clear accountability and governance (e.g. the allocation of roles and responsibilities between the organisation and third parties providing co-sourced services is particularly critical)
- Understand the residual risk from suppliers, make decisions and prioritise mitigating actions
- Track issues and risk management activities
- Understand how their activities compare to their peers and industry best practice in this area.
Consumer businesses face rising costs, increased regulatory controls and dynamic shifts in global economics, coupled with consumers wanting more variety, greater choice, healthier products, higher quality and lower prices. Through acquisition and growth, many organisations of this kind find themselves with large and complex IT environments that have multiple single points of failure and few good options for recovery. These complexities often lead companies to implement ad hoc short term fixes that further complicate recovery. Combined with geographically dispersed, multi-vendor technology environments, this makes it challenging to find a recovery strategy that will work and grow with the business.
Many organisations still fail to get the basics right, whilst others strive to improve both the speed of and confidence in their recovery process should the unthinkable happen. The right combination of technology resilience and recovery strategy helps organisations maintain their edge over competitors.
Why is it an issue?
- Increased system complexity and data volumes challenge resilience and recovery capabilities
- Designing and implementing near zero system failure and zero data loss strategies requires careful balancing of availability, resilience and recovery solutions
- Organisations are not necessarily able to conduct adequate fail-over tests to prove resilience or recovery in large scale geographically spread environments
- Organisations need to meet industry-wide and system-specific regulatory requirements
- Managing multiple vendors across an estate that spans differing jurisdictions is difficult
Our technology resilience services help clients to:
- Establish or enhance IT DR policy and strategy in line with industry practice
- Undertake critical systems dependency and single point of failure analysis, enabling ‘what if?’ failure scenarios and end-to-end testing boundaries to be established
- Enhance recovery and resilience solutions and management practices
- Assess and implement more resilient or rapid recovery technologies, such as server virtualisation, de-duplication and storage optimisation
- Enhance the resilience of data and voice networks
- Assess the adequacy of data replication, back up and restoration
- Assess the adequacy of infrastructure architecture and fail-over testing under complete data centre loss scenarios
- Assess data centre resiliency and geographic risk
- Enhance the design, management and reporting of IT DR tests
- Assess a third party solution provider’s IT DR capability.
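The critical systems dependency and single point of failure analysis listed above is a mechanical exercise once the dependency model is written down. The following added example shows one way to run 'what if?' failure scenarios over such a model; it is not code from the original page or from any tool. The model itself (a small online store spread over two data centres, with a database replica that still sits on the same SAN as the primary) and the notion that a requirement group is satisfied by any one of its members are assumptions constructed for the example.

```python
"""Critical-system dependency and single point of failure (SPOF) analysis: an
added example of running 'what if?' failure scenarios over a dependency model.
Assumptions: the model below is constructed; each service lists requirement
groups and a group is satisfied when at least one member is up."""

DEPENDENCIES = {
    "online_store": [["web_a", "web_b"], ["db_primary", "db_replica"], ["payment_gw"]],
    "web_a":        [["dc1_network"]],
    "web_b":        [["dc2_network"]],
    "db_primary":   [["dc1_network"], ["san_dc1"]],
    "db_replica":   [["dc2_network"], ["san_dc1"]],  # replica still lives on the DC1 SAN
    "payment_gw":   [["dc1_network"]],                # no second payment route
}
CRITICAL = ["online_store"]


def is_up(node, failed, deps, memo=None):
    """A node is up if it has not failed and every requirement group has at
    least one member up. Leaf components with no entry in deps have no
    dependencies of their own."""
    if memo is None:
        memo = {}
    if node in failed:
        return False
    if node in memo:
        return memo[node]
    memo[node] = False  # provisional value guards against dependency cycles
    memo[node] = all(any(is_up(alt, failed, deps, memo) for alt in group)
                     for group in deps.get(node, []))
    return memo[node]


def all_components(deps):
    """Every name that appears in the model, as a service or as a dependency."""
    return set(deps) | {alt for groups in deps.values() for group in groups for alt in group}


def scenario(failed, deps=DEPENDENCIES, critical=CRITICAL):
    """'What if?' check: which critical services are down if `failed` fail together."""
    return [s for s in critical if not is_up(s, set(failed), deps)]


def single_points_of_failure(deps=DEPENDENCIES, critical=CRITICAL):
    """Fail each component on its own and record the critical services it takes down."""
    spofs = {}
    for component in sorted(all_components(deps) - set(critical)):
        down = scenario({component}, deps, critical)
        if down:
            spofs[component] = down
    return spofs


if __name__ == "__main__":
    for component, down in single_points_of_failure().items():
        print(f"SPOF: {component} -> {', '.join(down)}")
```

Running it on the sample model surfaces the two findings a dependency review is meant to catch: the payment gateway has no alternative at all, and the shared SAN makes the 'redundant' database pair a single point of failure despite the second data centre. The same scenario function also answers combined questions such as the loss of one web node during a network outage in the other site, which is the kind of end-to-end test boundary the analysis is meant to establish.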