This website uses cookies. View our cookie policy
Close
United Kingdom
Select regional store:
Technical Cyber Assurance Service (TCAS)

Technical Cyber Assurance Service (TCAS)

SKU: 4900
Format: Consultancy
Availability: Always available

Strengthen your security posture by improving the technical defences across your IT estates: networks, systems and applications. (G Cloud Service ID: 1780 3515 7488 912)

Enquire about this service now

 

CALL TO ORDER

Description

IT Governance’s TCAS provides an extensive review of the security posture across cloud networks, systems and applications. This comprehensive, end-to-end solution provides independent advice on the selection, design, implementation, configuration, management and testing of secure cloud network architectures and supporting functions.

The process flow for all network evaluations of TCAS is as follows:

  • Designing effective mitigation strategies to meet current and future threats
  • Selecting appropriate security products, components and technologies to mitigate relevant threats
  • Implementation and configuration of core security technologies
  • Alignment with Industry best practice, architectural frameworks, standards and protocols
  • Assurance and testing
  • Designing, implementing and developing documented processes for maintaining the integrity and security of a system or solution through its full life cycle

 

Benefits

Who this service is for

This service is for small to medium-sized enterprises that need to comply with industry standards, governmental standards or regulatory requirements. A preliminary scoping exercise is essential to understand business requirements, assess current maturity and infrastructure, and establish points of contact with senior stakeholders.

Network Architecture

Network architecture focuses on the technical nature of cloud networks providing clients with network design consultancy.

  • Network Topology Overview
    • We will assess your network topology to ensure that effective hardware security controls are in place at network junctures.
    • We can recommend improvements and assess the compliance of your existing infrastructure based on industry best practice and standards.
    • Optimisation of your network through the assessment of current network behaviour and traffic.
    • Assistance with network expansion through the provisioning of appropriate technologies (e.g. MPLS).
    • Guidance on network segregation for various services and users such as VPN, BYOD.
  • Cloud Computing
    • The effective management and ongoing security controls of your cloud services.
      • Authentication and authorisation in the cloud.
      • Leverage existing role based access controls (e.g. AD/ADFS).
  • Disaster Recovery
    • Assistance with building or procuring a robust disaster recovery facility to aid business continuity.
    • Assurance on the network security controls governing the disaster recovery facility.
  • Public facing services
    • Assistance with securing public facing services.

 

Free resources

To find out more about this service, download our free brochures, including:

 

Network Systems

We offer support with system selection extending to both software and hardware. This service primarily focuses on vendor selection (e.g. CISCO, Juniper) and software-house (e.g. Windows, Linux) solutions, ensuring that products are compatible and are best suited to your requirements. This service provides solutions that are holistic to your requirements and organisation size and structure.

The network systems service focuses on:

  • Firewall configuration:
    • Assistance with firewall rule configuration.
    • Testing that existing rules are effective.
    • Overview of Application Firewalls for public/internal services.
  • Database selection and security
    • Assistance with securing databases through internal and external network controls.
    • Support with selecting an appropriate database for your business needs and scalability.
    • Access controls pertaining to database access.
    • Guidance on the data lifecycle and regulatory compliance such as the Data Protection Act and impending EU GDPR.
      • Obfuscation of data.
      • Secure storage and deletion of data.
  • Email services
    • Assessing the security controls of your email infrastructure.
    • Support and guidance with migration to the cloud.
    • Assistance with email security mechanisms such as SPF, DKIM and DMARC.
  • Cloud computing
    • Assessing the validity of a cloud based solution for your business.
    • Evaluation of cloud service providers alongside your business requirements.
    • Assistance with the secure migration of data to the cloud.

 

Network Applications

Our Applications service is designed to enhance your physical network security through the selection, deployment and configuration of network tools and monitoring software. This will typically include such items as Network Detection Systems, End-Point Protection, Malware Detection, Email Filtering, MDM, Web Traffic Filtering, and Data Loss Prevention.

The Network Applications service assists with:

  • Developing a Security Information and Event Management (SIEM) system.
    • Providing advice and guidance on the effective monitoring of your network.
    • Assisting with vendor selection holistic to your business requirements.
  • Anti-virus deployment throughout your organisation
    • Assistance with the configuration and deployment of your AV solution to all devices (severs, end points).
    • Effective management of this system through monitoring control frameworks.
  • Host Intrusion Detection
    • Configuration of Host Intrusion Detection systems to ensure visibility throughout the network.
    • Propagation throughout your corporate network.
  • Rogue system detection
    • Guidance on the effective control of rogue devices.
    • Ensuring that Rogue devices are quarantined or managed.
  • Gold Images and scripted builds
    • Approval of gold images and scripted builds to enhance the secure deployment of new hardware.
    • Management of the gold image and scripted build process ensuring that it is up to date and follows industry best practice.
  • Mobile Device Management
    • Assistance with selection of an MDM solution.
    • Assurance and evaluation of control effectiveness throughout the network.
  • Web Filtering Technologies
    • Assistance with selection of web filtering technologies.
    • Vendor selection through assessment of business requirements.
    • Assurance of effective configuration of the service.
  • Data Loss Prevention
    • Assistance with the procurement of a DLP solution for your organisation.
    • Configuration and deployment of this system throughout your network.
    • Effective management controls for monitoring and evaluating events.

For more information on this service, download the Datasheet here.

 

Why choose IT Governance?

IT Governance is widely recognised amongst UKAS accredited certification bodies as a leading consultancy firm and is listed on the following:

  • BSI Management Systems UK Associate Consultant Programme
  • Bureau Veritas Certification approved list for the implementation and management of ISO 27001 and ISO 20000
  • Alcumus ISOQAR consultant database
  • LRQA Consultant Network
  • G Cloud 9
  • NQA consultant database
  • DNV consultant gateway
  • International Board for IT Governance Qualifications (IBITGQ)
  • Institute of Information Security Professionals (IISP)

 

Customer Reviews

(0# of Ratings:)
Loading...