Infoskill principals have a strong background in security and audit that has been gained over the years working with major financial organizations. Managing security platforms in enterprise systems for many years for financial organizations gave our principals an appreciation of the importance of privacy and confidentiality. Our teams have a full understanding of ten well known disciplines of security: (1) Access Control Systems & Methodologies, (2) Telecommunications & Network Security, (3) Secure Management Principles, (4) Application & System Development, (5) Cryptography, (6) Security Architecture & Models, (7) Operations Security, (8) Disaster Recovery & Business Continuity Planning, (9) Law, Investigation, & Ethics, and (10) Physical Security. The Infoskill team strongly advocates that there is no magic bullet for security, and focuses on a holistic approach that is integrated into the strategic and tactical goals of any organization in a top-down approach.   Vulnerability and Content Management Vulnerabilities are increasing at a ratio of almost seven a day with a high percentage of exploitation if not identified and patched in a relatively short period of time. The Infoskill team has been working in this space to implement antivirus, anti-spam, intrusion detection, and intrusion prevention for our clients. The Infoskill teams promote security architecture with layered protection for its clients. Security begins with a border router that controls both in-bound and out-bound network traffic. Publicly available servers are located on a screened network, also known as De-Militarized Zone, to screen the traffic further and routes the traffic to the back-end systems; as a matter fact, any traffic which is not initiated or authorized by the front-end systems is rejected by the second level firewalls. Cisco, Sonicwall, Symantec, and Netopia are among the appliance vendors whose products we promote for firewall solutions. We feel comfortable to implement packet filtering, stateful inspection, and proxy firewall solutions based on our clients’ needs. Back-end servers are always hardened based on their functionality so that only necessary services would be running to minimize threats. Finally, auditing and logging is activated so that any unusual activity can be traced back to identify the patterns of threats. Anti-virus and anti-spam solutions are placed on the perimeter and blocked early on before they become a threat for the internal networks. Computer Associates, Symantec, and GFI are among the software vendors that we work with to implement content and vulnerability management solutions for our clients. We fully understand the pros and cons of services, hardware and software based solutions for content filtering; therefore we can identify and implement the best cost effective solutions for our clients. Intrusion Detection and Intrusion Prevention systems are unavoidable for some of our clients; we implement these solutions as part of our pro-active security model and work with our clients closely to implement host-based, network-based, or integrated IDS systems or to implement IPS solutions that include IDS and detection systems, global and local security policies, risk management policies, global and access control, and alarming, notification and reporting utilities. back to Security   Trademark Acknowledgements Any company, product or service names are trademarks or service marks of their respective companies.