Security Architecture

We will work with our customers to:

• Identify business objectives, goals and strategy
• Identify business attributes that are required to achieve those goals
• Identify all the risk associated with the attributes that can prevent a business from achieving its goals.
• Identify the required controls to manage the risk
• Define a program to design and implement those controls:
  • Define conceptual architecture (Information architecture, Certificate management architecture, Access control architecture, Application security architecture, Web services architecture, Communication security architecture)
  • Define physical architecture and map with conceptual architecture (Hardware, Network, Operating system, File and Database security, practices and procedures)
  • Define component architecture and map with physical architecture (Security standards (e.g., US National Institute of Standards and Technology [NIST], ISO), Security products and tools (e.g., antivirus [AV], virtual private network [VPN], firewall, wireless security, vulnerability scanner), Web services security (e.g., HTTP/HTTPS protocol, application program interface [API], web application firewall [WAF])
  • Define operational architecture (Implementation guides, Administrations, Configuration/patch management, Monitoring, Logging)