Our approach is based on the proposition that an information asset's value, threats, and vulnerabilities represent the level of the risk associated with that asset. As the significance of these factors increases, the risk also increases. Conversely, reducing any of these factors significantly reduces risk. All three factors must be understood before it is possible to assess risk in a reliable manner.
Information security threats range from inquisitive prowlers to technologically sophisticated hackers.
Vulnerabilities include unauthorized access and disclosure, compromise of information integrity, or denial of service.
The value of assets may be the potential benefits of doing business on the Internet or the value of information stored on the network.
Our assessment engineers have the strategies and techniques necessary to help measure all factors of the risk equation. We measure value in terms of the availability, integrity, and confidentiality of an information asset and its importance to a firm's strategy or continuity.
We are interested in the negative impacts that events or actions could have on the value of an information asset. We measure these risks in terms of
Source (internal or external)
Nature (structured or unstructured)
Agents (hostile or non-hostile)
We measure vulnerabilities in terms of the absence, inadequacy, or inconsistency of security facilities and processes.
Once we have completed these measurements, we can identify and recommend the appropriate safeguards.
Implementation of Your Information Security Plan
Implementation of EVC Security Assessment includes the following phases:
Project Initiation: defines scope and areas of focus
Value and Threat Assessment: determines value and threats
Risk Measurement: compiles value, threat, and vulnerability data
Risk Analysis: generates views of risk
Results Delivery: provides risk profiles, security enhancements, documentation of vulnerabilities, "quick hits," and long-term recommendations.
Intrusion Detection and Internet Security Design
Is your business facing increased scrutiny of its network security and information security systems from various parties including Government regulators and auditors? Is the privacy of your customer and corporate information critical to your business?
EVC can design and build for your business a network infrastructure that provides the highest level of protection - protecting your business from unauthorized access and other threats to its computing resources from the public Internet and internal users.
EVC builds its network systems using best of breed firewall, monitoring, and filtering products from trusted vendors such as Cisco, Postini, WebSecure, Microsoft, and others.
Velocity Network solutions are built with flexibility and scalability in mind. This also applies to the management of your system. Your business can outsource the management of your systems, it can share the load, or it can take over these functions entirely.
Intrusion Detection and Security Capabilities and Features
EVC’s Internet Security Design Services are comprehensive covering every aspect of your Information Systems. Our services include