Infoskill principals have a strong background in security and audit that has been gained over the years working with major financial organizations. Managing security platforms in enterprise systems for many years for financial organizations gave our principals an appreciation of the importance of privacy and confidentiality. Our teams have a full understanding of ten well known disciplines of security: (1) Access Control Systems & Methodologies, (2) Telecommunications & Network Security, (3) Secure Management Principles, (4) Application & System Development, (5) Cryptography, (6) Security Architecture & Models, (7) Operations Security, (8) Disaster Recovery & Business Continuity Planning, (9) Law, Investigation, & Ethics, and (10) Physical Security. The Infoskill team strongly advocates that there is no magic bullet for security, and focuses on a holistic approach that is integrated into the strategic and tactical goals of any organization in a top-down approach.   Security Information Management Security Information Management is focused on confidentiality, integrity and availability of the information. As a matter of fact, these three principles of security are also known as the AIC triad that our team promotes and implements. Security Information Management consists of the fundamentals of an organization’s security program such as information classification, access control, policies and procedures, risk management, and especially security awareness and training. Security management begins with identifying an organization’s assets, performing risk analysis to assess their values, provide protection for these resources by implementing effective countermeasures to mitigate risks. An organization’s assets should be protected through balanced physical, technical and administrative controls. It is important to note that inadequate controls in any of these control verticals undermine the security processes and policies put in place. Infoskill strongly advocates that security must be promoted by senior management of any organization; without the leadership of senior management neither the processes nor the policies put in place will be taken seriously by the employees. We, at Infoskill, certainly believe that security is not about technology, but process, risk, and people. Therefore we prefer to work with all levels in an organization in order to ensure that strong management support will be the foundation of the processes, the information owners will assume their responsibility to classify the data, the security administrators will put the controls in place under the information owners’ guidance and ensure that policies and processes put in place will be rigidly followed, and security awareness will be increased significantly. In summary, the Infoskill team strongly believes and promotes security as a framework that builds the assurance and confidence that an organization’s assets are properly protected. New York Life, Canada Life, Rogers, Newcourt, and CIBC Finance are among the Canadian organizations that our teams worked with to build strong processes for a healthy security information management discipline. back to Security   Trademark Acknowledgements Any company, product or service names are trademarks or service marks of their respective companies.