| | | | | | | |
 Consultancy
Networking
Infrastructure Design
Disaster Prevention
IT Security
Risk Analysis
Security Policy
Firewall Deployment
Penetration Testing
Intruder Prevention


Consultancy



Good security decision making cannot be performed without first determining security goals. Security goals are founded on such factors as organizational goals, business processes, services offered, ease of use, and cost of security measures versus risk of loss. These goals should be communicated to managers, end users, and operations staff through a security policy. A security policy is a documented and formal statement of the governing rules that regulate how an organization manages, protects, and uses assets. A security policy generally addresses goals, objectives, beliefs, ethics, controls, and user responsibilities in the form of high-level and generalized statements. More specific procedures and guidelines may accompany security policies. It is important to note that policies are distinct from procedures, guidelines and controls primarily in that policies are at a considerably higher-level and policies state areas on which management attention should focus. Key activities associated with this task include:

 Formation of a team to define policies
Defining the scope of policies
Identifying roles and responsibilities
Determining enforceability of policies
Ensuring the policies can be implemented
Determining who should be allowed access, to what resources, and how the access should be regulated
 Factoring "trust" into policy
 Addressing national security standards and guidelines
 Liability limitation

Real International Inc. works with designated customer staff to review existing security policies; both explicitly documented and implied. The results of the task are mapped into Security Policy documentation. Security policy documents will include, but not be limited to:

Identification and definition of roles and responsibilities
Network and system classifications
 Data classifications
 Data segmentation
 Computer and network usage guidelines
 Privacy policy
 Access control policy
 Authentication policy
 System and network maintenance policy
 Violation Implications

Additionally, Real International Inc. is available to assist staff in the development of more specific procedures and guidelines documentation.