Trust (Security)

At the core, trust solutions protect vital assets of a company from external/internal sources/forces. In today’s information age, companies are creating new information at exponential growth rates. The confidentiality and integrity of these information assets is important for organizations to maintain competitive advantage. Easy access to this secured information is key to a company’s productivity.

Due to the volume of information residing in distributed systems, protection of this information is becoming more challenging. Key to the issue is the reliance on the Internet for connectivity and the proliferation of malicious software code, applications, SPAM, etc. These malicious applications are designed to decrease productivity and increase risk by causing business downtime and/or theft of key information. Organizations are regularly susceptible to security breaches (external and internal). Today’s trust initiatives start with high-level corporate policies and cascade down to the application/systems and infrastructure protection methodologies.

EXENET's trust solutions taken into consideration two key areas:

• Leading edge vs. bleeding edge - adopting new technologies when they have been proven with other organizations of similar size and usage
• Optimization of IT hardware & software spending - keep technology vendors in check to assure that what you need to purchase is truly needed and determining when existing systems need to be replaced.

EXENET’s unique value:

• We always take a vendor independent approach – you get the technology you need, not what the vendor wants to sell you
• Key understanding for business processes in the vertical markets of legal, mid-tier financial services, advertising, media and education.
• EXENET brings best practices that have been designed and implemented in these verticals – we’ve done it and we know
• Our clients report that we have become their “trusted advisor”
• We understand in depth the technologies involved in creating trust solutions

EXENET Business Processes

EXENET trust services start with a review of existing corporate security policies. Upon completion of this review, any potential gaps identified are documented and then our security architects develop a trust-based solution focused on the infrastructure foundation. Due to the breadth of potential security solutions, these trust services requires a focus that deals with all aspects of infrastructure security. During this architecture development phase, EXENET takes a vendor independent approach to assure best-of-class security .

• First Phase – Review/audit of the existing security policy and audit the current security infrastructure.
• Second Phase – Create a vendor-independent architecture based upon the security policies as well as the audit.
• Third Phase – Conduct vendor selection and technology recommendations
• Fourth Phase – Implementation of technologies, either jointly with a preferred integrator or independently. Co-sourcing solutions are commonplace.
• Fifth Phase – Monitoring and support of key security infrastructure components.

Technologies Deployed for Trust Solutions:

• Firewalls – packet level, state level, application level
• Intrusion Detection Systems (IDS) – look at network based, host based and anomaly-based systems.
• Deep understanding of TCP/IP applications and ports (sniffer based tools to analyze and detect malicious activities)
• Virtual Private Networks (VPN - IPSEC/SSL)
• Wireless security (802.1x/EAP)
• Token based security
• Encryption (3DES/AES)
• Content filtering (mail systems), SPAM,
• Routers and switches (access lists, traffic shaping)
• Security information management platforms (SIMS)
• Directory services (LDAP, Active directory services, NDS,)