"Security" is a broad term -- in reality it's a very complicated ecosystem where technologies, people and processes meet. It's difficult to gauge your overall maturity, and know the right areas to focus and how to prioritise resource and budgets focusing on the root-cause of problems. Additionally, security exposures and risks aren't always technical weaknesses, they can arise easily due to rushed deadlines, rapid growth, mergers and acquisitions and also budgeting constraints.
Our Maturity Health Check service is a review process to evaluate the maturity of all major facets for managing information security in your business. This service typically leverages on soft-skills and our extensive experience to work through technologies and processes to understand your security posture. We then leverage this information to provide a prioritised list of recommendations for your to take action in a practical and cost-effective way.
At elttam, your project is delivered by a reputable team of security professionals who have extensive experience managing business security strategies.
Initial meeting to discuss the health check, set expectations and ensure SME's and management are prepared and available for our onsite visit.
Onsite meeting to step through the health check with personnel for each component (technology, people and processes), discussing in detail your current circumstances.
Review all available evidences related to the health check, such as compliance requirements, past security test reports, security metrics and so on.
Perform essential research and security assessment activities (e.g. penetration testing) for areas which require active assessment if required.
Present a detailed report encompassing your current security maturity level and a prioritised list of recommendations to take action. Job done!
Contact us to receive the full detail of our methodology.
The following is a snapshot of our assessment areas:
Network and firewall setup, configuration and management.
Data protection technologies and processes.
Security awareness of employees at different roles, e.g. devs, Ops, CXO
End-point configuration. System and device deployment, hardening and management.
Software Development LifeCycle practices and application security.
Identity management and access rights management.
Audit and compliance preparation and readiness.
Preparation and readiness for disasters and incidents.
Facility, building and personnel physical security practices.
A structured methodology built on proven best-practices (CAPEC, OWASP, OSSTMM)
A team with an established reputation and over a decade of experience
Tailored security services to fit any project or business
Providing services to global software companies and ASX listed enterprises
Made in Australia!