Coreseca provides guidance and validation to organizations concerned with securing their assets.

Architecture

Core

Security

WHO WE ARE

Seasoned Professionals

Core Competency

Coreseca's team is comprised of seasoned network and security engineering professionals.  Our core staff was instrumental in the design of one of the worlds largest carrier networks.  We believe that uncompromised security requires honest and dedicated domestic talent. Coreseca does not outsourse or recruit offshore talent.

Our highly analytical staff strives to look beyond the box.  We have many decades of demonstrated experience securing some of the most difficult network environments.  We have the hands on experience architecting , deploying and supporting security technologies for both wireline and wireless  carriers since the inception of the Internet.

Our perspective on asset security encompases all facets of threat management. We closely follow the internationally accepted ISO-IEC 17799 2005, the "Code of Practice for Information Security Management" as amended.

Information is an asset that is essential to an organization’s prosperity and should be dilligently protected. This becomes increasingly important as the business environment becomes more interconnected. With this ever increasing interconnectivity, information is exposed to exponentially greater vulnerabilities.

 

Information exists in many forms. It can be presented as hard or soft copy, transmitted electronically or by post, even spoken in conversation. Whatever form the asset takes, or technology by which it is distributed or stored, it should always be appropriately protected.

 

Organizations and their information systems and networks are faced with security threats from a wide range of sources, including computer-assisted fraud, espionage, sabotage, vandalism or by acts of God. Damage such as malicious code, computer hacking, and denial of service attacks are increasingly common, highly ambitious, and very sophisticated.

PERIMETER

Firewall Enforcement Point

Perimeter Enforcement

Analysis of perimeter security and routing platforms employed.  Verification of effective rule based configurations, access lists and IPS / DPI strategies.  Currency of patch levels, signatures and general hardening. Recomendation of current state technologies if applicable.

MORE

V

CORE

Switch Router

Core Network Optimization

Analysis of IPv4 and IPv6 addressing schemes, Routing protocol implementation, Core router / switching log analysis, Firmware currency, network capacity analysis and future growth forecasting.

MORE

V

APPLICATION HOSTS

Virtual Data Center Virtualization Cloud

Host Configurations

Local or virtual hosts are scrutinized to ensure stringent best practice protocols have been adhered to.  Access protocols, permissions, detection, prevention, and recovery controls to protect against malicious intent are identified and validated.

MORE

V

USERS

Desktop PC Client Computer

User Access

Ensure proprietary data exposure is limited to absolute need to know individuals.  User credentials folllow Best Practice policies for password expiration, retention and systems access. Identify stale user accounts and shared global logins. Ensure Anti Virus currency and deployment.

 

^

PREVIOUS

SERVICES

Security Strategies

Identify Assets

Architecture Reviews

Assistance with development of sound business practices to ensure sensitive company assets are properly identified and secured. A first step in ensuring that a sound set of policies accurately identifies business proprietary  information and the risk of it's public exposure.

Business assets exist in numerous media formats. Some may exist as hard copies and most will exist in electronic formats.  The type of asset, it's life cycle and value will be documented.

Designing a secure scaleable network infrastructure requires consideration of many aspects of the transport, traffic  volumes,  administration  and growth.  The Coreseca  engineering staff has many decades of hands on experience providing solutions for the most demanding environments.

Best Practice Audits

User Account Audits

Staffing Changes

Periodic independent audits identify lapses in sound  security policies eliminating the the risk of poor security policy enforcement.   Management and staff are evaluated for adherance to established company policies, methods and processes.

Audit and validation  of machine and user accounts, their currency, aging, strength and vulnerability to compromise.  It is essential that administrative / root access be restricted to a minimal set of absolutely necessary users. Account password strength and expiration enforcement  policy reviews.

Coreseca will  assist clients when there is a need to facilitate an orderly transition of network engineering or  security staff.  One of the least addressed necessities in business IT is the vulnerabilities associated with the inevitable staffing changes that occur within sensitive senior IS administrative positions.

Vulnerability Scans

Regulatory Compliance

Management Analysis

Coreseca  provides full vulnerability scans for networked hosts both publicly and privately accessible.  Standardized practices recommends this be performed at least monthly against all public and private addresses deployed within the customer's  environment.

Government regulations such as HIPAA, SOX, PCI  DSS and the GLB Act require changes to many network security infrastructures and IT procedures.  Ensuring compliance can be a tall order. Coreseca is here to help.

The best documented asset security policies are worthless without competent management and diligent enforcement.  It is imperative that management at all levels clearly understands the importance of these policies.

CONTACT US

Submitting Form...

The server encountered an error.

Form received.

Employees