Main scope of our professional services is to help our customers to gain maximum added value from existing investments. We provide following professional services: Consulting, Analyses, Design and planning, Prof of concepts, Implementation.
Infrastructure services for optimization of performance and costs of existing components of the network, data center and security infrastructure.
Key areas of this infrastructure services are services of planning, consulting and integration of data centers, secure authentication and authorization, digital identities and protection of data with PKI technologies.
- Virtualization of data center.
- Licensed and performance analyze and optimization of software and hardware of data centers.
- Construction and upgrading of data center.
- Establishment and management of control and helpdesk systems.
Services of introduction of solutions of identity management, rights and audit trails.
- Analysis of state of digital identities and establishment of identity management for providing unified identities in intranet and WEB SSO for internal and external applications.
- Analysis of rights, planning and implementation of appropriate protection of accesses by the principle: ”Minimum rights for complete implementation of working process” (”Need to know principle”), with complete system of access recording, which is consistent with the law, state and technological regulations.
- Analysis and introduction of central identity provider (Enterprise ID).
Services for data protection with mechanisms of digital encryption, masking and time-stamping, based on cryptographic mechanisms.
- Analysis of requirements and selection of optimal software.
- Planning and implementation of infrastructure.
- Planning and design of solutions for data protection:
- Digital signature;
- Central authentication system.
- Counseling and establishment of data protection with secure authentication mechanisms: digital certificate, one time password.
- Analysis of requirements for protection against run-off data, introduction of PKI solution and encryption of documents.
Technical protection of critical information on infrastructure level.
- Planning and ensuring compliance with regulations: ZVOP, ZEPEP, PCI, ISO27001.
- Analysis of security of applicative solutions and planning of higher level of protection, including solutions of stronger authentication, unified authentication, traffic protection against applicative and data servers.
- Protection of applicative servers by preventing exploitation of weakness, such as XSS, SQL injection, exceeding memory …
- Review of security of infrastructure:
- External and internal security check; (can replace the main point).
- Review of security of applications:
- Static analysis of source code.
- Dynamic analysis with application review and implementation of penetration tests.
- Introduction of a system for recording access to data based on user identities and recording events of logging into the central system.
Want more information?