Axoss Security Awareness Services
0 likes373 views
An information security awareness program is a tool that all companies need to implement to educate staff on security issues and responsibilities. Such programs are important because people are often the weakest link in security, but with proper training people can better protect systems and information. Axoss provides guidelines and services to help organizations design, develop, implement, and evaluate effective security awareness programs that change user behaviors and reduce security risks.
Axoss Security Awareness Services
- 2. WHAT ? ABOUT AXOSS An INFORMATION SECURITY AWARENESS program is a TOOL that all companies, regardless of size, need to implement. Without one, serious IT risks may be overlooked. It is the ADVANTAGE of knowing what types of security issues and INCIDENTS staff members may face in the DAY‐ Axoss is a vendor independent Information Security Consulting firm TO‐DAY ROUTINE of their job function. that delivers Security Assessment Services across the public and private Organizations CANNOT PROTECT the integrity, confidentiality, and availability of information in sectors. today’s highly networked systems environment WITHOUT ENSURING that each person involved understands their ROLES AND RESPONSIBILITIES and is adequately trained to Axoss was founded by information PERFORM them. security experts, to provide top of line Security Consulting Services that tailored to meet our clients' needs. Axoss core services can be broken down into four categories: • Penetration Testing WHY ? • Vulnerability Assessment • Security Consulting Awareness of the risks and available safeguards is the FIRST LINE OF DEFENSE for security of • Security Training information systems and networks. Axoss has in‐depth knowledge of the As cited in audit reports, periodicals, and conference presentations, it is generally understood challenges faced by many by the IT security professional community that PEOPLE ARE ONE OF THE WEAKEST links in organizations in protecting users, attempts to secure systems and networks. The “PEOPLE FACTOR” ‐ not technology ‐ is KEY TO networks and critical business information from malicious attack or PROVIDING an adequate and APPROPRIATE LEVEL OF SECURITY. If people are the key, but are theft. also a weak link, more and better attention must be paid to this “asset.” A robust and enterprise wide awareness program is PARAMOUNT to ensuring that people understand their We always aim to deliver scalable IT security responsibilities, organizational policies, and how to PROPERLY USE and protect the solutions so that every company, IT resources entrusted to them. whatever their security budget, can continue to enjoy access to our expertise. http://www.axoss.com WHEN ? Many ORGANIZATIONS require FORMAL SECURITY awareness program for all workers when they join the organization and periodically thereafter, usually annually. The threat to information assets has never been so great. Vulnerabilities range from eavesdropping on a phone call to a STOLEN LAPTOP or even a MISCONFIGURED PASSWORD. Yet, small CHANGES IN BEHAVIOR can have a huge upside for information security. That’s why it’s every employee’s duty – from the EXECUTIVE SUITE TO THE PRODUCTION LINE – to make security a priority. All contents are Copyright © 2008 Axoss Information Security. All rights reserved. Axoss Public Information.
- 3. WHERE ? AXOSS provides GUIDELINES for building and maintaining a COMPREHENSIVE security ABOUT AXOSS awareness program. The guidance is presented in a LIFE‐CYCLE APPROACH, ranging from designing, developing , and implementing an awareness program, through post‐ Axoss is a vendor independent implementation EVALUATION of the program. Information Security Consulting firm that delivers Security Assessment The OBJECTIVE of the Axoss SECURITY AWARENESS service is to CHANGE THE ACTUAL Services across the public and private sectors. BEHAVIOR OF PEOPLE by raising awareness and providing appropriate training so that each member of the Organization can PROTECT their confidential electronic Information and: Axoss was founded by information • BETTER UNDERSTAND the RISKS when using and storing electronic information; security experts, to provide top of line • BETTER UNDERSTAND how to REDUCE the risks to the confidentiality, integrity, Security Consulting Services that and availability of confidential electronic information; tailored to meet our clients' needs. • BETTER UNDERSTAND their ROLES AND RESPONSIBILITIES for the protection of information and systems. Axoss core services can be broken down into four categories: • Penetration Testing • Vulnerability Assessment • Security Consulting • Security Training HOW ? Axoss has in‐depth knowledge of the Axoss Security Awareness PROCESS includes HOW TO : challenges faced by many • SELECT awareness and training topics; organizations in protecting users, • FIND SOURCES of awareness and training material; networks and critical business • IMPLEMENT AWARENESS and training material, using a variety of methods; information from malicious attack or • EVALUATE the effectiveness of the program; and theft. • UPDATE AND IMPROVE the focus as technology and organizational priorities We always aim to deliver scalable change. solutions so that every company, whatever their security budget, can The TOPICS the security awareness program covers will DEPEND ON the security awareness continue to enjoy access to our needs. Some of Topics covered in security awareness program include: expertise. • NATURE OF SENSITIVE MATERIAL and physical assets they may come in contact with, such as trade secrets, privacy concerns and government classified information http://www.axoss.com • EMPLOYEE AND CONTRACTOR RESPONSIBILITIES in handling sensitive information, including review of employee nondisclosure agreements • PROPER METHODS for protecting sensitive information on computer systems, including password policy and use of two‐factor authentication •Other computer security concerns, including MALWARE, PHISHING, SOCİAL ENGINEERING, etc. WHO ? AXOSS has been delivering Information Security CONSULTING services to help clients MITIGATE risk, secure their infrastructure and PROTECT their assets. We are FOCUSED on providing the best possible customer EXPERIENCE and are committed to delivering the HIGHEST LEVEL of service and support. We welcome any questions or requests you may have about our SECURITY AWARENESS service. Please don't hesitate to CONTACT US and one of our consultants will get back to you as soon as possible. All contents are Copyright © 2008 Axoss Information Security. All rights reserved. Axoss Public Information.