Security & Resilience
- Identity & Access Management (IAM)
- Data Loss Prevention (DLP)/Information Leakage
- Security Incident Event Management (SIEM)
- Securing the Extended Enterprise
- Technology Resilience (IT DR)
IAM helps clients to address risk and to improve efficiency and the staff and customer experience across the organisation. Health and Life Science organisations often implement IAM solutions to address recurring access management issues and audit/control points.
Why is it an issue?
- Compliance and reporting – provides control and visibility across complex infrastructures and allows an organisation to answer the question “who has access to what?”
- Efficiency and controls – automated provisioning and reduced sign-on can result in increased efficiency, control and business satisfaction
Our solutions cover all components of IAM including:
- Access governance – implementation of a business-friendly control framework that consistently enforces policy across HR processes, IT infrastructure and application access
- Enterprise identity – provision of a framework for access control and user administration that is integrated with HR joiner, mover, leaver processes with a single mechanism for requesting access
- Customer identity – enable a streamlined customer registration process and a risk-based security framework across all products and services, with seamless network access for corporate customers
- Information rights management – gain control of digital information by securing and tracking where it is stored and how it is used
- Cloud identity services – provide a seamless user experience by integrating cloud-based services with internal access control through federation, and reduce helpdesk costs by automating user provisioning and password management
- Privileged access management – separate high-privileged capabilities from regular user capabilities and implement a privileged user access management solution to audit access to administrative accounts
- Reduced sign-on.
High-profile data loss and leakage due to security breaches have created intense publicity and significant regulatory action against the organisations responsible. High-profile losses have affected many organisations, and yet data loss incidents are still common. The most common forms of information leakage incident are still unprotected data downloaded to removable media (USB/CD drives) and unprotected data sent via email.
Why is it an issue?
- Organisations need to comply with a range of legislation and regulations including the Data Protection Act and PCI DSS
- There is a cost to getting it wrong, the biggest of which is likely to be reputational: a loss of confidence from your customers and suppliers. As well as fines, there are wider financial implications; data breaches cost UK companies an average of £1.73 million, or £60 per record (Ponemon Institute 2008 annual study: UK cost of a data breach)
- It is estimated that over 70% of all cases are due to insider negligence
- A DLP assessment quantifies the amount and type of data that is being mishandled and helps to inform and quantify remediation activity
- A DLP implementation allows continual assessment, alerting and blocking of data movement and transfer actions that violate defined policies.
To make effective and informed decisions, Health and Life Science organisations need to be able to harness, process and make sense of potentially thousands of non-stop information feeds across a vast global technology estate.
SIEM supports compliance with control requirements for effective incident detection via log monitoring (e.g. SOX and PCI DSS) by increasing the visibility of security threats through the aggregation and correlation of disparate information sources. Implementing a SIEM system can also reduce security operating costs by automating existing manual compliance checks.
Why is it a key issue?
- Mergers – it provides a technology integration/overlay of security operations processes and supporting technologies
- Insider threat monitoring – monitoring administrator and privileged user activity
- Application monitoring – who is accessing potentially sensitive data within applications
- Business integration – joining from IAM directories and other sources to alert against access violations/attempts
Our SIEM services include:
- Assessment of your current log monitoring
- Advice on product selection
- Design, build and deployment of your SIEM system
- Development of business processes and associated roles and responsibilities to help ensure effective use of your SIEM system
- Training and awareness to help your staff understand how to use the SIEM system.
Organisations are typically highly reliant on third parties to bring cost savings, improved agility and a high quality of service to their clients and patients. For Health and Life Science organisations the protection of any client and patient sensitive information and resources held externally is of paramount importance. The organisation must rely on the controls of the third party in order to protect these assets.
Organisations are typically held accountable for data losses within their third-party service providers. They therefore need to understand which third parties hold their information, what sensitive information is held, and whether the controls implemented are sufficient to protect that information.
Why is it an issue?
- The Information Commissioner's Office (ICO) expects organisations to ensure that their third parties securely protect sensitive personal data (e.g. patient records) and to implement controls covering people, process and technology
- There is a cost to getting it wrong – from fines, time incurred in responding to regulatory investigations and reputational implications
- Given the thousands of third-party relationships large organisations typically have, this is a complex and time-consuming problem to manage efficiently, and one that presents budgetary and resourcing challenges.
Our extended enterprise security services help clients to:
- Review, categorise and prioritise their supplier base in order to determine what type of security assessments are required for each supplier
- Understand contract issues (e.g. is the contract silent on security, is there a right of audit, are responsibilities for co-sourced services clearly defined etc.)
- Execute supplier assessments ranging from Control Self Assessments (CSA) and short 1–2 day assessments through to deep risk assessments covering multiple days or weeks
- Gain insights into third parties' attitudes and practices
- Help establish clear accountability and governance (e.g. the allocation of roles and responsibilities between the organisation and third parties providing co-source services is particularly critical)
- Understand the residual risk from suppliers, make decisions and prioritise mitigating actions
- Track issues and risk management activities
- Understand how their activities compare to their peers and industry best practice in this area.
Many Health and Life Science organisations fail to get the basics right, whilst others strive to improve both the speed of, and confidence in, their recovery process should the unthinkable happen. Adopting the right combination of technology resilience and recovery strategy often helps organisations maintain their leading edge over their competitors.
Through acquisition and growth, many organisations of this kind find themselves with large and complex IT environments that have multiple single points of failure with limited or unworkable recovery options. These complexities often lead companies to implement ad hoc short-term solutions that further complicate their recovery landscape. This, coupled with geographically dispersed, multi-vendor technology environments, makes it a challenging task to find a recovery strategy that will work and grow with the business.
Why is it an issue?
- Increased system complexity and data volumes challenge resilience and recovery capabilities
- Designing and implementing near-zero system failure and zero data loss strategies requires careful balancing of availability, resilience and recovery solutions
- Organisations are not necessarily able to conduct adequate fail-over tests to prove resilience or recovery in large-scale, geographically spread environments
- Organisations need to meet industry-wide and system-specific regulatory requirements
- Difficulties in managing multiple vendors across the estate in differing jurisdictions.
Our technology resilience services help clients to:
- Establish or enhance IT DR policy and strategy in line with industry practice
- Undertake critical systems dependency and single point of failure analysis, enabling ‘what if?’ failure scenarios and end-to-end testing boundaries to be established
- Enhance recovery and resilience solutions and management practices
- Assess and implement more resilient or rapid recovery technologies, such as server virtualisation, de-duplication and storage optimisation
- Enhance the resilience of data and voice networks
- Assess the adequacy of data replication, backup and restoration
- Assess the adequacy of infrastructure architecture and fail-over testing under complete data centre loss scenarios
- Assess data centre resiliency and geographic risk
- Enhance the design, management and reporting of IT DR tests
- Assess a third party solution provider’s IT DR capability.