Scope & Approach
The suite of security services offerings from disaster backup and data recovery solutions provider Evolving Solutions encompass policy, physical, and technological assessment, design, deployment and optimization.
This approach mirrors the proven Evolving Solutions Full Lifecycle Initiative Methodology applied to all of our disaster backup and data recovery solutions, pictorially represented to the left.
Following is a listing of high-level tasks and activities encompassed within a proposed engagement.
Phase 1: Network Technology Assessment
The network assessment component addresses the assessment of all network and subnet nodes for known security vulnerabilities
- Perform Internet scan of primary location
- Perform DMZ(s) scan of primary location
- Perform internal network security scan from up to three network points of access
- Conduct comprehensive review of existing network infrastructure components at primary location and high-level review of components at remote locations
- Review of robustness of core and ancillary networks and impact of network security measures on bandwidth and latency
- Physical inspection of all corresponding network segments, if necessary
Phase 2: Systems Technology Assessment
The systems assessment component addresses the in-depth assessment of critical servers and workstations
- Inventory key servers and workstations for analysis purposes
- Evaluate host-based security as applicable
- Evaluate application level security architecture and mechanisms as applicable
- Evaluate authentication mechanisms
- Evaluate encryption technologies utilized
Phase 3: Subjective Technology Needs Assessment
The subjective technology needs assessment addresses strategic areas of security vulnerability such as vendor B2B, RAS, mobile workforce, intrusion detection, virus detection, etc.
- Evaluate vendor / partner vulnerabilities
- Evaluate auditing processes and capabilities
- Evaluate technological enforced policies
- Evaluate LAN architecture
- Evaluate WAN architecture
- Evaluate VPN use, if applicable
- Evaluate DMZ use
- Evaluate Intrusion Detection
- Evaluate Firewall(s)
- Evaluate core and border routers
- Evaluate other network appliances as applicable
Phase 4: Operational Policy and Procedure Review
The Operational Policy and Procedure Review encompasses the best practice review of existing and needed operational Information Technology policies and procedures.
- In-depth review of security policies and procedures
- Review of relevant portions of existing Disaster Recovery Plan, if applicable
- Review of relevant Service Level Agreements
Phase 5: Physical Security Assessment
Physical Security Assessment encompasses the process of reviewing and evaluating physical access to an organization's premises, network, and workstations
- Review and evaluate office location physical security considerations and mechanisms
- Review and evaluate data center(s) physical security considerations and mechanisms
Phase 6: Reporting and Recommendations
The Reporting and Recommendations phase encompasses the final analysis and presentation of findings and recommendations
- Review data gathered
- Discuss data collection tools and methodologies
- Present relevant findings
- Provide analysis related to relevant findings
- Provide comprehensive prioritized recommendations, including, if applicable
- Updated Network diagrams
- Recommended Network diagrams
- Classified action items
- Implementation recommendations
- Strategic direction recommendations
Secure your company's data with disaster recovery and data backup solutions from Evolving Solutions today.
