The objective of our information security management solution is to ensure the confidentiality, integrity, and availability of an organization’s data. All processes, tools, and procedures used to support that objective should be measurable and auditable to ensure compliance and facilitate continual improvement. To that end, our solution will address the following:

●     24x7 monitoring and incident response

―     Security event long monitoring and correlation using RSA enVision

―     Logs collected from the six (6) firewalls in-scope

―     Logs collected from the two (2) McAfee IntruShield Intrusion Detection System (IDS) devices

―     Logs collected from the 25 identified critical systems  from Host-based Intrusion Detection system McAfee Host Intrusion Prevention for Server

―     Vulnerability Logs collected from the 49 devices (distributed systems, routers, switches and firewalls)

―     Customized protection for web and database servers

―     For web servers, use predefined shielding policies and rules to prevent attacks (such as directory traversal, Unicode, and denial of service attacks) and data loss;

―     database servers, examine database queries to prevent SQL injections and use shielding and policy rules to ensure normal functioning and prevent data tampering

―     Management and tracking of events using Operational Process Application Suite (OPAS)

―     Initial triage and escalation to the relevant teams

―     Firewall, anti-virus, and IDS event correlations

―     Ongoing configuration and tuning of signature updates of NIDS sensors

●     Anti-virus management

―     Support MCD’s Symantec AV deployment ensuring Hogan DC systems have the latest AV signature files

―     Anti-virus management servers and repositories running current, supported levels and definitions

―     Initial triage to any virus occurrences and sending of instructions on remediation to the relevant teams

●     Reports generated to show compliance of enterprise computers by tracking definitions and products

●     Vulnerability

―     Perform scheduled and on-demand scanning, against all 47 distributed systems, 4 switches, 2 routers, and 6 firewalls located in the Hogan DC facility, utilizing Critical Watch Fusion Vulnerability Management to efficiently automate the numerous steps associated with identification and remediation of network vulnerabilities in enterprise networks

―     Profile assets including ports, operating systems, services and applications

―     Analyze network from both internal and external vantage point

―     Manage remediation activity providing platform, assigning, tracking and validating remediation

―     Provide reporting following each scheduled and on-demand scan.