SecureAware Building an Information Security Management System
Challenges • Complying with multiple regulations, requirements and best practices • Documenting compliance and security activities • Creating, managing and disseminating effective policies • Tracking policy knowledge, understanding and awareness
Trends • Complex Global Regulations • Legal liability risks • Supply chain and B2B trust • Maturing standards • Risk Management increasingly part of IT Security
The SecureAware Solution • SecureAware enables your organization to: • Have efficient compliance management • Create and disseminate rational policies • Ensure organizational accountability through unique user awareness programs tied directly to your policies and process • The Human Firewall • Perform Enterprise Risk Management (ERM) • Build an Information Security Management System (ISMS) aligned directly to your business
Key Technical Specifications • Java 2 Platform Enterprise Edition • Major SQL Platforms Supported • Hypersonic SQL included • LDAP and Active Directory Integration • XML, Web Services, and CSV for data exchange • Microsoft SharePoint Integration
Policy Management • Create Policies with Expert Guidance • Leverage ISO 27002 or your own policy • Link to or import related documents • Extend with industry specific standards
SecureAware Automatically • Generates PDF, Word and HTML Versions • Creates Policy Quizzes • Maps Policy against Standards and Regulations • Creates Custom role-based reports • Records who read the policy • Tracks training and awareness progress
Compliance Workflow Module • Fully integrated into Policy Module • Manage compliance oriented projects • Policy Development • Internal Audit • External Audit • Distributes tasks to owners • Integrates with email and Active Directory
Compliance Gap Analysis Module • Check lists similar to controls in ISO 27002 & BS7799 • Complete questionnaire including: • 135 Controls • ~600 implementation guidelines • Role based compliance assessments • Individuals are assigned to different parts of compliance assessments • PDF reports with overview and details
Risk Assessment Module • Business Impact Assessments • Vulnerability Assessments • Interest Level Assessment • Role-based Interviews • Archive for assets, systems and business processes and their relationships • PDF reporting
Risk Assessment Module • System Oriented Assessment • Qualitative Method • Use your own numerical weighting • Based on • Confidentiality • Integrity • Availability • Outcomes relate to business processes
Risk Assessments – 5 Quick Steps! • Business Processes and IT System • ID and dependencies • Assign Assessment Roles • Create and Start an Assessment Instance • Interviews • Review Draft Report
Awareness Program Module • Animated films for end users • Test for best practices and company policies • What makes a good password • What is the company policy for password storage • Management Reporting
Thank you www.lightwavesecurity.com