Information security
Solutions personalized according to the needs of your institution or company
See our action lines
Governance
We understand Governance as the starting point for structuring Information Security in the institutions. Therefore, we support institutions in the development of policies, norms and procedures, the implementation of management committees, trying to model, structure and formalize an Information Security Management System (ISMS).
Examples of solutions:
- Diagnostics of the Management System
- Development of Information Security Policies
- Implementation of the Information Security Committee
- Data Classification
Audit and Compliance
We help to create mechanisms to review the effectiveness of internal policies periodically and comply with laws and regulations in force in the information security area. After all, new threats surge daily and make us be ready and alert.
Examples of solutions:
- Analysis o9f Compliance with Legal Requirements
- Support in Due Diligence and External Audits
- ICT Internal Audit
Risk management
We prepare structured and periodically reviewed processes, plans and controls to let everyone know where to apply their efforts efficiently to solve undesired events that put the information security of the institution at risk, dramatically reducing the possibility the events to generate significant negative impact.
Examples of solutions:
- Information Security Risk Management Process
- Information Security Risk Analysis
Education and Awareness
We systematically and objectively organize actions to educate and make collaborators and users aware of the definitions brought by an information security policy and their expected behavior before the increasingly more advanced threats that surround our daily routine.
Examples of solutions:
- IS Awareness Campaign
- IS Thematic Actions
Security Engineering
We design specifications for development and acquisition of software and creation of network, contemplating security criteria and controls. This action can generate significant reduction of incidents or vulnerabilities identified in the infrastructure of an organization. Furthermore, we support the management of user identities and access to such software or networks. The focus is on assuring the business continuity.
Examples of solutions:
- Secure Software Acquisition and Development
- Identity and Access Management
- Business Continuity Management
Security operations
We help to operationalize security incident handling, manage technical vulnerabilities and constantly assess the security of computer networks and data processing environments. Thus, the institution will be able to handle events that have effectively compromised, to a smaller or greater extent, the confidentiality, the availability or the integrity of the information.
Examples of solutions:
- Implementation of the Computer Network Incident Handling and Response Team (Etir)
- Technical Vulnerability Management
- Data Network Security Analysis
- Security Analysis in Physical Environment