• NPS have got an expert team of certified technical consultant who can do a complete audit of IT infrastructure and recommend the cost effective and feasible solution to optimize its performance.

An Internet Security Assessment is about understanding the risks that your company faces from being connected to the Internet. It is important to effectively decide how to spend time, money and human resources on information security. In this way the security expenditure can be requirement driven, not technology driven. In other words, we implement controls because we know that they're needed, not just because the technology is available.

Security audits involve a set of periodic, pro-active compliance and assurance activities that help assess the security of the IT infrastructure of your organization. They encompass security architecture, policy and vulnerability assessment.

Security Architecture Audit Service

An audit of this nature is typically carried out at the enterprise IT organization level and its objective is to assess the IT infrastructure in the context of security and availability. The elements covered in this service are:

Network devices like firewalls, Intrusion detection systems, VPN etc

Disaster recovery infrastructure and processes

Contingency plan and processes

Deliverables:

Analysis of gaps in

Existing IT network infrastructure

Existing disaster recovery plan and processes

Existing contingency plan and processes

Security Policy and Control Audit Service

An audit of this nature is carried out to assess:

The gap between the articulated Security policy of an organization vis-à-vis standards like BS7799, SANS

The gap between the articulated Security policy of an organization vis-à-vis the actual deployment of the same

Deliverables:

Analysis of the gaps in the security policy vis-à-vis standards like BS7799, SANS etc.

Severity of risk

Recommendations to plug the gaps

Action plan to plug the gaps

Vulnerability Assessment Service

This assessment service determines the nature of security vulnerabilities which exist on the network as well as hosts, and methods of mitigation. The vulnerability assessment covers network equipment like routers, switches, firewalls etc. and Operating systems like Windows NT, Solaris and Linux. This activity is usually performed by executing tool-based scans on network and hosts within the client's internal network. IMaRC will also provide an External Penetration testing Service. The objective is to assess the security posture of Critical Internet facing equipment. This activity is usually performed by executing tool-based scans on network and hosts that are visible on the Internet.

Deliverables:

Vulnerabilities on each network device and host.

Recommendations to identify the right safeguards plus findings and specific recommendations for each system.