The weakest link in most security systems is not a piece of hardware or a vulnerable section of code; the weakest link typically is the people using the systems. Social engineering is the methodology used by cyber criminals to exploit human nature because as they say, “there is no patch for human stupidity.” 

OnlineSecurity’s Policies and Procedures Service offering provides organizations with the patch for social engineering effective policies and procedures that are aimed at cost effectively securing the organization.

Service Description:

• Policy and procedure engagements encompass two distinct phases:
• Reviewing information technology practices within the organization to determine the adequacy of existing controls and compliance with existing security policies. In reviewing the security policies, OnlineSecurity looks at the following areas:
• Physical Security, Network Security, Access Control, Authentication, Encryption, Key Management
• Security Awareness, Acceptable Use Policy, Software Security, Compliance.
• Auditing and Review, Incident Response & Disaster Contingency Plan.
• Developing a comprehensive set of information technology policies and procedures that will enable the administration of the organization to secure their assets, enable user compliance, and adapt to changing environments.

Delivery Mechanism:

• In developing and reviewing security policies, OnlineSecurity employs a pragmatic approach that balances security and operational requirements.
• The majority of this reviewing phase will occur at the client’s location, and will require that OnlineSecurity have the cooperation from and access to key technical and leadership individuals within the organization.
• The development of security policies and procedures is an iterative process which must be done in close collaboration with the client. Consequently, all of this phase will occur at the client’s location and will require the cooperation from key technical and leadership individuals within the organization.

Deliverables:

• From the assessment phase OnlineSecurity will provide to the client a detailed assessment report encompassing the policies and procedures reviewed, inadequacies discovered, and recommendations to secure the organization.
• In the development phase OnlineSecurity will collaborate with the client to provide a comprehensive set of security policies and procedures.

Contact
Phone:  310-815-8855 ext 212 / Fax:  310-815-8808 / Email: info@onlinesecurity.com