Definition of ICT security standards
ANECT won a contract to define ICT infrastructure security standards for one of its large clients. The new security standards should reduce the risk of any intentional or unintentional breach of safe use of the ICT infrastructure and ensure compliance with all legislative requirements.
The client's requests:
- Revision of all existing ICT infrastructure security standards.
- Removal of existing ICT infrastructure problems and deployment of new elements and processes ensuring ICT security.
- Train and educate employees and ICT specialists so that they refrain from risky behaviour.
- ICT infrastructure security standards were not completely developed and defined
- The knowledge of employees and ICT specialists concerning ICT security was poor and did not correspond to the company's security policy.
- There was no security management process ensuring regular inspections, removal of issues and sustained improvement of security.
- There was no controlled documentation on security rules defining the operation and development of ICT, or current security standards, roles and responsibilities.
- There was a continuous threat of loss or damage to data, unauthorised access to data and leaks of sensitive information, which could lead to a reduction in the organisation's credibility.
- We informed the management of their duties as defined by relevant legislation and amendments to it.
- There was a risk of breach (and/or concrete breaches) of personal information protection legislation.
Individual implementation phases:
- Analysis of existing ICT security
- Proposal for alternative security standard solutions and implementation of approved standards in client's environment at the level of managed organisational documentation (i.e. guidelines) concerning implementation and observance of ICT security standards.
- Evaluation of compliance of the existing security measures with legislation and/or corporate standards.
- The client obtained an expert analysis of the status of their ICT security.
- ANECT proposed several alternative security solutions for the client's enterprise network.
- The proposed ICT standards were prepared as recommendations.
- As part of the project, ANECT summarised the implementation, inspection and improvement of security in organisational documents customised for the client.
ANECT's input improved the client's ICT security by implementing current best practice and removed the risk of the client's organisation and/or its management being in breach of relevant legislation. Revised ICT security standards reduce the risk of internal and external threats to the client's IT infrastructure and data.
We can implement a similar solution in your environment. If you are interested in this solution and want to know more, contact your ANECT sales representative and/or fill-in our contact form.