Information Security Consultancy ServicesWe have been working with a number of different small and medium sized business over the last 10yrs offering our consulting services to help understand their potential security risk and where the gaps maybe, then through working closely with your IT teams develop the right solution to help you mitigate these risks.
Guardian Technologies work with many organisations, large or small, to help them develop, implement and operate their strategic information protection strategy, mitigating any information security risk. The ‘2017 State of Cybersecurity Metrics Annual Report’ stated that 1 in 3 companies invest in cybersecurity technologies without any way to measure their value or effectiveness, it is critical to measure what you are doing is working. This is where Guardian Technologies come in, we help our Clients to not only build their strategy, within budget, but also measure and quantify the impact the strategy is having. The following questions may provide a starting point for your consulting needs:
Do you need an information security strategy?
Guardian Technologies can provide a methodology to help your organisation develop an information security strategy, using your own intellectual property, working within your budget. Once we understand the current state of your information, we can agree what changes need to be made through stakeholder engagement, interviews and workshops.
The approach we take to helping any new client can be illustrated via our “Security Matrix Model” below. The matrix illustrates the different aspects of security, what they cover and how they should be applied within an organisation. Using the table below you can quickly identify where your organisation is positioned, based on what information security work you have already completed and identify what needs to happen next. For example, you may have the basics covered with anti-virus, firewall and patch management, but are your identify and access control panels up to date?
Do you understand your information risk?
Information risk is difficult to assess but it is critical to start here. It is vital that limited budgets are used to address the greatest risks and this may not necessarily be a technology but may be a process or awareness exercise.
Guardian Technologies can map your information flows across the organisation, using tools that provide dynamic reporting of information usage by users, showing who copies data out to USB sticks, DVDs, email, etc. With this information you can accurately plan your next steps to ensure that you are not the next company to feature on WikiLeaks!
Our Approach and Methodology
Using our EgoSecure Insight which is needs to run for 15 days to collect and present results. It will show who is accessing files, where are they being stored, where are they being moved and who is sharing. From this, Guardian Technologies will identify the ten highest risks to information, based upon likelihood and impact. A final consultation will be made to the client with suggested remediation activities.
Active Directory is the fundamental application used to manage access rights across your organisation, in most cases it is poorly administered due to its complexity. Guardian Technologies can provide reports and consultation of the current state of your Active Directory, develop the future state and then help manage the transition. Using 8MAN assessment techniques, you will quickly see where your Active Directory requires attention and identify excessive privileges.
Once we understand the current state of your information and where we need to transition to, we can help you build a business case to gain internal funding and support with key stakeholders.
Do you need help to classify your information?
As information security matures, so the need to classify information is required to be able to better protect sensitive information. Using our classification processes tool from Boldon James Technology will allow information to be monitored and protected based upon its sensitivity, the process can be automated, user driven or suggested so that impact on day to day activities are minimised. Budgets can be tuned to protect critical data as opposed to trying to protect everything to the same degree.
To discover more please read our Security Assessment. This white paper describes the background, tasks and benefits of the Security Assessment, and shows how your organisation can work with Guardian Technologies to improve security and reduce risk.
What to do next?
If this sounds like your business and would like to find out more, please get in touch to arrange your FREE 60-minute consultation.