Typical Problem

Information is a company's most valuable asset, yet in many business environments it is not properly controlled and protected. Existing in many forms, such as digital, printed, verbal, etc., and transmittable via so many different means (IT systems, fax machines, mail, telephone, etc.) makes the information difficult to control. The growing connectivity of companies with business partners, suppliers and clients offers exciting new opportunities but also major risks. Deficient handling of information often results in growing losses and shrinking markets.


Our Solution

Information Security is a solution that significantly contributes to a company's strength. This multidisciplinary capability is based on a holistic approach that enables companies to increase exposure in promising markets while effectively reducing risks and losses related to the confidentiality, availability, reliability and survivability of their information assets, technologies and processes. This effect is achieved by minimizing the impact of malicious internal and external factors, as well as errors and negligence. Information Security constitutes a strategic risk management tool. This is achieved through a combination of.

Information Systems Security (ISS)

• Simulation of attacks and penetration tests on computers, communication installations and applications to pinpoint vulnerabilities
• IT comprehensive risk analysis including administration aspects, all technological environments (HW and SW), and communication
• The design of secure topologies and construction of security plans
• Security solutions for IT administration, computerized systems, servers (UNIX, NT, OS/390, OS/400, VMS, Novell, Windows NT, 2000, etc.) and infrastructure components (Routers, WAN, LAN, Internet Access, RAS, etc.)
• Definition of security needs for modern services and new systems, and accompanying security related processes during the implementation of changes in existing systems
• Comparison of security products and recommendations for the most appropriate product vis-à-vis current and future security designs
• Evaluation and preparation of companies to meet Information Security standards as required by regulators
• Disaster Recovery Plans (DRP) for infrastructure, computer systems and databases
• Establishment of management IT Security Policy
• Audit of system security policies
• Development of operational and security procedures
• Mapping of computerized systems, establishing sensitivity and access rights
• Training staff in areas of IT Security

• Establishment of a corporate information security policy (based on BS7799 and ISI - Israeli Standards Institute)
• Internal structure with definition of interfaces, roles, responsibilities and profiles
• Information mapping and classification
• Adjustment of processes resolving information vulnerabilities and adding controls
• Enhanced physical access control (access control, CCTV, alarms, etc.)
• Motivation, commitment and awareness campaigns
• Information Security Training

• Risk reduction: Improved achievement of business goals by keeping sensitive information out of the reach of competitors and malicious or negligent entities.
• Business growth: Enable operation of new services (eCommerce, Internet Banking, B2B solutions and more) with controlled exposure to risk.
• Cost reduction: Substantial reduction of information and system recovery costs due to reduced malicious and error related risks.
• Information culture change: Placing Information Security on the organizational agenda, thus creating a better work environment.
• Creation of an Information Security apparatus: Transfer of skills and technology accompanied by an accelerated Information Security learning curve, enabling clients to sustain long-term, low risk levels.

• Increased productivity as a result of better focus - a product of the information exchange on a "need-to-know" basis.
• Lower operational costs as a result of the reduced information exchange.