EventsSupportClient Contracts PortalOnline OrdersCareersContact Us
     

Security

A security program is only as good as its weakest link. Combinations of technical and non-technical solutions are required to maintain a well-rounded security program and to operate a defensible infrastructure.

Alexander Open Systems addresses the spaces that are at the highest risk and that provide the highest value. The use of security solutions gives our customers a competitive advantage, enabling them to use business resources and access information securely. A combination of protection, detection, and response-based administrative and technical solutions are required to provide a layered “in-depth defense” approach to your key business assets.


Risk & Compliance Assessments

Understanding key business assets and the valid threats facing those assets is the first step in creating a security practice for your company. AOS works with key data owners to evaluate both financial and business impacts. By combining that information with an industry standard (ISO27002) best practices guide to security we can determine the likelihood of threats facing each asset.


Regulatory Compliance Consulting

AOS expert consultants have dozens of years of experience in regulatory compliance including HIPAA, PCI-DSS, Sarbanes-Oxley, and more. AOS can help you move beyond “compliance checkbox complacency” to enable regulatory compliance as a key business driver and competitive differentiator. A good security program aligns itself with an organization’s business needs to help keep things secure, while still enabling the business to maximize efficiency and operational capability.


Security Awareness Training

In most organizations, people are the usually weakest links. Proper awareness training and enforceable policies are crucial to security success in businesses today. AOS can help prepare and deliver awareness training ultimately strengthening the human factor in company security.


Vulnerability Audits / Penetration Testing

Our certified engineers will test your key business assets with tools to assess their security. We can optionally include advanced Application and/or DB testing (SQL injection, etc.). AOS will provide not just testing but actionable business risk and impact analysis. This leads you to an actionable, weighted plan of attack: what to fix, in what order, and why!


Incident Investigation, Forensics, Recovery

In the event an information system is compromised, AOS can help get you back on your feet, determine where the threat came from, and help you to prevent it from happening again. Such events may include virus outbreaks, system breaches, or general loss of availability to key systems.


Firewalls

Firewall designs include features that segregate, protect, and hide the systems on the trusted portion of the network from areas of less trust (such as separating web or email servers from the untrusted internet, or segmenting cardholder systems to achieve compliance with PCI-DSS). Firewalls today have the ability to include advanced application services, such as: network anti-virus, URL filtering, IDS/IPS, SSL VPN, IPSEC VPN, and Advanced Authentication Options.


Intrusion Detection / Prevention

Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) allow a security administrator to increase visibility. Network traffic can be monitored for abnormal or malicious activity and be prevented from reaching their target system.


Remote Access & Network Encryption

The need for access to information and network resources from anywhere in the world has driven the need for remote access solutions. The most common methods for delivering encrypted access to protected resources are IPSEC and SSL VPN technologies. These options can be complemented with two factor authentication and standard directory integration.


Endpoint Security (Anti-Virus, Anti-Malware)

Computer viruses are one of the oldest threats to information security. Viruses and malware can significantly compromise the integrity of information systems. Enterprise antivirus solutions use a layered approach that include Messaging, Web, Network, and Endpoint security. Industry leaders partner with AOS to provide best-in-class antivirus


Email Security (Anti-Spam, Email Encryption)

With email being an essential communication tool for any modern organization, it is important to protect your organization from some of the challenges faced by messaging administrators all over the world. AOS solutions can help ensure the confidentiality and integrity of key business information delivered over email.


Web Content Filtering

Today’s solutions not only block undesirable websites and enforce company policy but can be used to measure productive use of the internet resources. Advanced solutions can provide web usage controls down to a sub-application level. For example they can allow certain users the ability to update a company Facebook page while blocking access to Facebook applications such as Farmville.


Security Information & Event Management

Modern volume of log data makes it impossible to manually cross reference events between systems. SIEM solutions help solve this problem through automated alerting, reporting, and investigation of events as they occur.


Identity Management & Single Sign On

Password security and user access issues have become a major concern for organizations. Balancing usability of operational efficiencies & security is the only way to effectively decrease the risk created by the network’s weakest link, people.


Disk or File Encryption

Data at rest has become an easy target, especially data left unsecured on mobile devices such as laptops or PDAs. If a system is ever lost or stolen, an enterprise may be exposed to significant risk of financial loss, legal penalties, and damage to the company brand. AOS is positioned to offer customers state of the art encryption technology to help meet regulatory compliance, and assure data is not compromised if portable media is lost or stolen.


Data Loss Prevention (DLP)

Protecting customer information and other confidential data from malicious and accidental leaks is one of the top businesses/ security challenges facing organizations today. AOS can help its customers assess their data risks, and provide the products and services they need to keep their sensitive information safe.


Patch Management

Assessing and maintaining the integrity of software in a networked environment through a well defined patch management program is the key first step toward successful information security, regardless of the physical access restrictions to a computer.

Security Assessment Tools

Enabling our customers to perform local vulnerability assessments helps them to better understand their environment and relevant threats facing their key systems. AOS can both sell and help train customers on how to use the latest assessment tools in the market today!

Example External Vulnerability Assessment:

Executive Summary Example »

Technical Summary Example »





Ironport

Websense