Security and Privacy Services
Enabling Business to do Business
The greatest assurance a business can have is to know that it’s information is secure and under control. We at Deloitte understand this more than anybody and have a focused data security and privacy service dedicated to assist companies to assess, design, develop, implement, manage and update their security strategy.
| Operations and Infastructure | Privacy & Compliance | Managed Services | Information Security Management |
| Network (Wired & wireless) Web application & Mobile Security Vulnerability Assesments Penetration Testing Data Leakage Protection Network Security Architecture |
Privacy Assesment Business Impact Assesment Privacy Policy Development Privacy Violation Plans Web Site Privacy Audit Compliance Rationalisation |
Co-Sourced IS Management IT Security Operations Vulnerability Management Risk Management & Reporting Outsourced IS Management |
ISO27001 Certification Security Policy Development ISO27001 Gap Analysis ISMS Development ISMS Audit based on ISO27001 |
Operations & Infrastructure Security
Businesses today demand robust inter-connectivity for employees, customers, suppliers and business partners. Our experience with a variety of IT infrastructures demonstrates how they often evolve in an unstructured way and can be inconsistently configured, difficult to manage and ineffectively controlled and monitored. Our Infrastructure & Operations Security framework can be applied to many technical security areas including:
- Identity & Access management
- Data Leak Prevention
- Controls automation & enablement
- Security monitoring and reporting
- Network security and zoning
We help improve these infrastructures by leveraging our experience in major security change programs, bringing together a deep technical understanding and knowledge of how technology needs to fit with the business and risk management drivers.
Privacy & Compliance
Customer and employee concerns over personal information and breaches in data protection can inhibit organisational change, impact technology integration, increase legal liability and lead to corporate reputation damage.
Looming legislation and mounting public awareness will soon require organisations to establish appropriate policies and procedures to protect the various forms of data that are part of their business operations.
Deloitte has developed a risk-based approach and methodology to help organisations evaluate, design and implement a privacy program and solution that is scalable and sustainable. This approach identifies and focuses on privacy and data protection issues that represent either the highest risk or the highest return on investment. It also ensures flexibility and focus to address local, unique privacy requirements on a case-by-case basis.
Managed Services
Our managed services offering’s key aim is to provide information security related skills in a market where these skills are hard or expensive to come by. In doing so, Deloitte will ensure that our clients can maintain and sustain their information security management efforts.
The services we offer range from:
Co-sourced Information Security Management focused on IT security operations;
- Vulnerability Management; and
- IT security Risk Reporting, right through to providing an outsourced Chief IT Security Officer.
Deloitte’s vulnerability management services can help you identify the specific technical and architectural improvements needed to minimize exposure to attacks. With our customized methodology, we can assess the many aspects of risk to support identification of both internal and external facing threats. Using both commercial and proprietary tools, we conduct the following vulnerability assessments:
- External penetration testing
- Internal penetration testing
- Wireless penetration testing
- Web application testing
- System, application and network security diagnostic assessments
- Social engineering vulnerability assessments
We provide these services though skilled personnel and the relevant technologies. Additionally, we ensure appropriate interoperation with the other risk management functions of our clients, such as Operational Risk and Internal Audit.
Because of our approach we are able to provide the services to complement or outsource your Information Security function.
Information Security Management
In today’s complex business environment, knee-jerk reactions to the latest technical security threats will not resolve flaws in the overall approach to security. Organisations must implement and maintain a security management framework, aligning people, process and technology, to survive in today’s competitive market and achieve a fundamentally more secure state.
We can help improve the security of a single component or work with you to develop comprehensive security programs and maintain an entire information security management framework to address the following Security & Privacy areas:
- Governance and strategy
- International and industry standards
- Risk management and compliance
- Training and awareness
- Effective assurance
- Metrics
We also provide IT process maturity assessments and implementations by leveraging off best practice frameworks like COBIT, ITIL & TOGAF.
Key contacts
Paul Orffer
Senior Manager
Mobile: 082 411 4839
porffer@deloitte.co.za
Tiaan van Schalkwyk
Senior Manager
Mobile: 083 475 3551
tvanschalkwyk@deloitte.co.za
Thought Leaderhsip
Material on this website is © 2013 Deloitte Global Services Limited, or a member firm of Deloitte Touche Tohmatsu Limited, or one of their affiliates. See Legal for copyright and other legal information.
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms.