Multi-disciplinary technology company InfoTech has expanded its portfolio with the launch of a new security stack backed by cyber security experts, to offer security testing, audits, recommendations and solutions.
Mauritz du Toit, CEO at InfoTech, says the new service is in line with the company’s ongoing ‘disruptive expansion’ strategy. “The security assessments offer comprehensive penetration, vulnerability and risk testing. Our security team also monitors the dark web to proactively detect threats, and goes so far as to assess gaps in cyber security skills and awareness within the organisation’s workforce,” he says.
InfoTech’s cyber security specialists make recommendations on areas for improvement and can also action these improvements.
“The assessments can be carried out per environment, on an ad hoc basis, with no long contractual commitment,” he says. “We have automated much of the audit and pen-testing processes to reduce the costs of audits and make them more accessible to more customers.”
Du Toit says the new service has been welcomed in the market, where their customers now prefer to work with a single service provider.
“We see growing demand from public and private enterprises to work with one company providing all their IT services,” he says. He notes that the security stack complements InfoTech’s infrastructure as a service, backup and disaster recovery solutions and services.
Here’s how InfoTech’s security assessment complements its other security services:
Identifying vulnerabilities and threats:
A security assessment helps identify potential vulnerabilities and threats within the IT infrastructure, including the systems used for backup, DR and IaaS. By understanding security weaknesses, you can better design and implement protective measures.
Data protection and confidentiality:
Security assessments focus on ensuring the confidentiality, integrity and availability of data. This is crucial for services like backup and IaaS, where sensitive data may be stored or transmitted. It ensures that data is protected both during regular operations and in the event of a disaster.
Access controls and identity management:
Assessments evaluate access controls and identity management systems. For services like IaaS, ensuring that only authorised personnel have access to critical infrastructure is paramount. This also ties into the security of backup and disaster recovery data.
Security of communication channels:
Evaluate the security of communication channels used for data backup and transmission. This is particularly important in the context of DR, where data needs to be replicated and restored securely.
Incident response planning:
Security assessments often include reviewing and enhancing incident response plans. In the case of DR, having a robust incident response plan ensures a swift and effective recovery from any disruptive event.
Compliance and regulatory requirements:
Security assessments help ensure that the IT infrastructure, including backup, DR and IaaS components, complies with relevant industry regulations and standards. This is critical for businesses that need to adhere to specific compliance requirements.
Security awareness and training:
Evaluate the level of security awareness and training within the organisation. Users and IT personnel should be educated on security best practices, especially when dealing with critical services like backup and IaaS.
Encryption and data protection measures:
Assess the use of encryption for data in transit and at rest. This is essential for securing sensitive information stored in backups and on IaaS platforms.
Secure configuration of infrastructure:
Ensure that the configuration of infrastructure components is secure. Misconfigurations can lead to vulnerabilities that could be exploited. This is critical for both IaaS and DR systems.
Integration of security controls:
Integrate security controls seamlessly into the backup, DR and IaaS processes. This includes mechanisms for monitoring, logging and alerting for any security incidents.
Third-party and vendor security:
Assess the security practices of third-party vendors involved in providing backup, DR or IaaS services. This includes evaluating the security measures implemented by cloud service providers for IaaS.
Physical security considerations:
Consider the physical security of data centres and facilities where backup and DR infrastructure is housed. Physical security is a critical aspect of overall data protection.
InfoTech offers a portfolio of 15 assessments to help customers identify areas for improvement. These include:
- Security risk assessment: Evaluates IT infrastructure, systems and practices to identify potential security risks and vulnerabilities.
- Compliance assessment: Assesses adherence to industry-specific regulations and compliance standards.
- Cloud readiness assessment: Evaluates readiness to migrate to the cloud, assessing current infrastructure, applications and data to determine the feasibility and benefits of adopting cloud solutions.
- Infrastructure health check: Reviews IT infrastructure to ensure it is optimised for performance, scalability and reliability.
- Network performance assessment: Analyses network infrastructure to identify bottlenecks, latency issues and areas for optimisation.
- Data governance and management assessment: Evaluates how data is managed and governed, assessing data quality, accessibility and security.
- Backup and disaster recovery assessment: Assesses backup and disaster recovery plans, identifying gaps and vulnerabilities.
- Digital transformation readiness assessment: Evaluates readiness for digital transformation initiatives, looking at technology infrastructure, processes and workforce capabilities.
- IT service management (ITSM) assessment: Reviews IT service management practices, including incident management, change management and service desk operations.
- Software licensing and compliance assessment: Assesses software licensing practices to ensure compliance with licensing agreements.
- User experience (UX) assessment: Evaluates the user experience of digital products or services.
- Cost optimisation assessment: Reviews IT spending to identify potential cost-saving opportunities.
- IT training needs assessment: Assesses the skill levels of an IT team and identifies areas where additional training or upskilling may be beneficial.
- Vendor risk management assessment: Evaluates how an organisation manages risks associated with third-party vendors.
- Sustainability and environmental impact assessment: Assesses an organisation’s environmental impact and sustainability practices.
Read the article on: ITWeb