General Security Consulting
Creation Logic draws upon Consultants with deep knowledge in
the area
of computer security to assist with diverse projects which either have
an information security aspect, or are security focused. Creation logic
works as part of your team to provide a greater understanding of
information assurance and risk management for any project that your
company is contemplating or currently involved with, in order to insure
that your projects, products and policies accomplish your business
goals without risking the integrity of business information.
While the depth of experience at Creation Logic allows this category to
be defined quite broadly, some examples of work performed in this area
include:
º Analysis of
the security stance of business partners or
potential
security partners to insure the integrity of information shared with
that partner.
º Technical
review of system specifications and development plans for new
products or offerings to insure security and integrity of the system or
program.
º Activity/Event
analysis of forensic information related to a security
event in order to understand the parameters of the event
External network security assessment
Creation Logic works with company IT, service providers and
other
involved external resources to analyze company infrastructure which is
exposed to the Internet for network based vulnerabilities. Elements of
this analysis include:
º Both
automated and manual scanning of external hosts.
º Detailed manual analysis of
vulnerabilities.
º
Detailed strategies for managing or eliminating exposed vulnerabilities.
º
Executive level risk analysis.
º
Technical risk analysis and recommendations.
Information Assurance Policy analysis and assessment
Consultants at Creation Logic have worked with hundreds of
companies on
assessment of current security policy and creation of new policies
where it is warranted. Since properly directed and motivated people are
more effective than computers in maintaining good security, Creation
Logic works with IT, Human Resources, Legal and Executive staff to
create policy which reflects business goals and leads to proper
information handling with respect to information security. While some
policies are driven by regulatory compliance, nearly all companies will
have written policies in the areas of:
º
Acceptable use of company network and computing resources.
º
Classification of proprietary information.
º Proper handling and disposal of
company classified information.
º
Communications standards for defined information flows.
º
Authentication, Authorization and Access controls.
Security Infrastructure Support
Senior consultants at Creation Logic have been involved with
some of
the largest and most involved security perimeters in the world, and
bring in-depth understanding of networking, firewalls, intrusion
detection systems, intrusion prevention systems and enterprise services
to bear on supporting your company's security infrastructure in the
capacities of:
º
Design
º
Deployment
º
Diagnostics
º
Performance analysis
º
Forensic preparation