The fundamental building blocks of a secure environment are a robust and scalable architecture defining the systems and technology to be used, and an enforceable policy framework that ensures correct usage and management. Both of these elements must work together to enable an organisation to perform its core function securely.
Once established, a secure system must be constantly re-evaluated to ensure that it still complies with the relevant standards that were used to define it, and that its usage complies with the policies set out. Policies must be developed in accordance with the relevant standards such as “AS/NZS 7799.1:2001 Specification for IS Management Systems” and “AS 13335.4-2003 : Information technology - Guidelines for the management of IT Security - Selection of safeguards”. Having these policies however, is not enough. Activities to ensure ongoing review and compliance are essential to maintain the effectiveness.
All of these tasks require specialist awareness of the security landscape, an understanding of the business context, a thorough knowledge of an organisation’s existing systems and practices, and an appreciation of the commercial aspects relating to the introduction of any new security infrastructure.
At ThinkSecure our consultants have a vast range of experience in defining and creating secure architectures for many different types of business. From large scale Internet banking infrastructure to small multiple-branch office deployments, ThinkSecure has developed secure architectures and policy frameworks to suit. Many of our customers have maintained an engagement with us through the entire life cycle and replacement of their systems, as well as expanding our brief into other security-related areas of their business.