A Veteran-Owned Small Business
Enterprise
About Us:
Enterprise
Security Partners (ESP) understands there is no “one size-fits all”
approach to Information Security. Every organization has different
priorities, applications and technology platforms that must be defended
against cyber threats and attacks from the internet, intranets,
extranets, and social engineers. A sound Information Security program is
the only way to protect your information assets while allowing your
business to continue to flourish.
ESP has developed
an Enterprise Security Practice that is client specific and is staffed
by highly skilled professionals with audit, technical and cyber-security
backgrounds.
IT
Security Audits and Vulnerability Assessments:
We audit the effectiveness of the security measures and technology
employed by the enterprise to assess compliance with regulatory,
industry best practices and ISO 17799 / 27001 standards. We identify and
report the threats and vulnerabilities that may pose a risk to your
information assets with our recommendations for remedial action.
Network
Penetration Testing and Virus Prevention:
We help our
clients harden their network arteries by implementing network access
controls, firewalls, router filters, and virus prevention and detection
software services. Our security experts use automated tools that scan a
predetermined range of IP addresses and perform over 400 tests aimed at
identifying known vulnerabilities in UNIX, Linux, Windows (NT, 2000, XP
and Vista) and TCP/IP based network systems.
Intrusion Detection and Monitoring:
ESP Security
professionals will perform both manual (e.g., default or trivial
passwords) and automated (e.g., brute force password) attacks to gain
access to client systems. We will help select and implement IDS/IPS
systems, complete with real-time monitoring and 24/7 incident response
and reporting, from our vendor partner, Internet Security Systems (ISS).
Security Policies and Procedures (ISO17799/27001 compliant):
Security policies
and procedures serve as the foundation for a corporate security program.
A corporate security policy defines what actions are authorized. The
policy must be set forth by management and have consequences for failure
to comply. ESP’s security professionals will evaluate and document all
applicable security policies, standards and procedures, and provide
recommendations for compliance with industry best practices and ISO
17799 / 27001standards.
Security Awareness Training:
Security
awareness is ongoing and must involve people
who are properly motivated and educated. Security awareness training
works best when it reaches everyone within the organization. ESP has
designed SAFE (Security Awareness For Everyone), a corporate security
training program which focuses on increasing awareness and understanding
of security threats and counter measures for all employees of your
organization.
