1 / 8

Rajaram Pejaver Security Engineer, CISSP

Rajaram Pejaver Security Engineer, CISSP. A brief summary of Security Services that can be provided. Security Assessment. Review your computing environment. Review your operating procedures and configurations. Understand your company's specific business risks.

jlynda
Download Presentation

Rajaram Pejaver Security Engineer, CISSP

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Rajaram PejaverSecurity Engineer, CISSP A brief summary of Security Services that can be provided.

  2. Security Assessment • Review your computing environment. • Review your operating procedures and configurations. • Understand your company's specific business risks. • Meet Audit and Regulatory requirements • HIPAA, GLB, FDA Title 21 CFR Part 11, NY State Insurance Dept. Reg. 173… • Investigate products that will help your situation. • Recommend ways to mitigate risks and improve security.

  3. Penetration Testing • Of Firewalls. • Of applications, networks and systems. • Use "Black Hat" tools to probe systems.

  4. Policy Development • A security policy is a starting point for creating a secure computing system. It is a set of rules stating what is permitted and what is not permitted in a system during normal and emergency operation. The policy should balance between productivity needs (convenience), cost of implementation, and the level of risk protection required. • Sample policies: • email usage & message retention policies • Acceptable Internet usage • Firewall configuration policy • Certificate Policies (CP) & Practice Statements (CPS)

  5. Security Architecture • Develop vision for securing a specific system or the enterprise. • Perform a “Gap Analysis” to identify the differences between current and desired situations. • Develop roadmap, deployment strategies and project plans.

  6. Security Engineering • Adapt available products to secure the computing environment. • Build point solutions as necessary to achieve desired security. • Integration of products into current environment. • Develop operating procedures. • Sample product areas: • Public Key Infrastructure, LDAP • Access Control • Intrusion Detection • Content scanning • VPNs & Firewalls • Encryption solutions

  7. Product Evaluation • Evaluate third party vendor products. • Negotiate product enhancements with vendor to suit specific needs. • Sample product areas (same as in previous topic)

  8. Other strengths • Versatile • Quality and detail oriented • Excellent writing & communications skills • CISSP • References on request

More Related