Security Enterprise Architecture & Implementation


Human Element's engineers have extensive experience implementing security enterprises of large and small scales.

 

Based on your requirements drivers we'll help you build an overall Security Enterprise Strategy taking into account your risk and compliance needs, using confidentiality, integrity, and availability concepts and security governance principles.

 

Governance

We'll help you build the Security Policies, Standards, and Procedures that form the basis of your security program. From there we'll address each aspect of your enterprise, helping you select and implement the most appropriate technologies, tools and products to achieve your security and business goals.

 

Security Engineering

Human Element will show you how to implement engineering processes using secure design principles. We have assisted commercial and Government organizations to effectively apply security engineering and evaluation models. First, we'll hep you define the most appropriate security controls for your information systems based on your risk, threat, and regulatory environment. Then we'll define specific security architectures, designs, and solutions to mitigate potential vulnerabilities. We have experience engineering web-based systems, mobile systems, embedded devices, cyber-physical systems, and cryptographic solutions as well as site and facility physical security.

 

Physical Security

A good Physical Environment Security Process must ensure that access to significant system hardware and facilities is appropriately restricted to a reasonable and appropriate number of authorized personnel. Although many organizations focus on the Physical Security of data centers or computer rooms the physical security of the workplace in general must be considered as well. Human Element will assess your current physical security environment and help you design and implement a solution appropriate to your risk, threat, and business objectives.

 

Communications and Networks

A company’s connections to the Internet represent an essential business asset that is used to perform a myriad of critical business services. These links also represent a direct connection to unknown organizations and individuals that can either directly or indirectly harm your organization's business or reputation. It is essential that Internet connections and the perimeter equipment that is being used to protect these points are properly protected with carefully implemented technical, operational, and management controls.

Human Element can assist your organization to implement a layered network protection model. This philosophy essentially means that an organization is not relying on only one megalithic security control to provide the majority of the enterprise’s protection, but is instead relying on an integrated series of complementary controls. This layering of protection elements allows for the flexible implementation of security as well as the capability to mitigate a range of threat types. We'll help you effectively architect, design, and deploy Border routers – representing the Internet facing router that is the “first line of defense” for the perimeter, External firewalls – representing the next major protection tier consisting of stateful firewall systems, DMZ network devices – network devices or firewalls that have Internet accessible servers connected to them, and Internal firewalls – representing the last network line of defense prior to accessing internal networks, systems, and internal protection controls.

 

Access Control - Identity and Access Management

A good Access Control program focuses on how the organization grants, revokes and modifies access to corporate assets i.e. Data, Systems, buildings, data centers etc. A key component of Access Control is the process by which users are provisioned and de-provisioned. Human Element can help you design and deploy an access control program that enforces the concepts of least privilege, separation of duties, and appropriateness of access permissions. We have real-world experience with all of the primary access control models including Mandatory Access Control (MAC), Role Based Access Control (RBAC), Discretionary Access Control (DAC), and Rule Based Access Control (RBAC or RB-RBAC).

 

Assessments and Testing

Somebody once said, "If you aren't measuring it, you aren't doing it." A key part of any security program is ongoing security assessments and testing. Human Element will help you define and implement a continuous program of internal and external vulnerability scanning, application security assessments, wireless and telecom testing, audits of logs and activity, host patch status and health, human-based vulnerability and asset status, all of this sprinkled in with occasional penetration testing. This testing is part of the overall vulnerability management life cycle and is key to your understanding of your risk at any point in time.

 

Security Network Operations Support

Human Element has assisted many clients to implement a network security operations capability. The goal is to support the day to day activities related to network security. We can help your network staff understand perimeter device access controls and firewall operations to include ruleset changes including appropriateness, alternative solutions, and post implementation troubleshooting. We can also can help your staff select, deploy, and operate VPNs, IDSs, and appliances such as Host-Based, and Enterpise level security management systems.

 

Application Security

Applications need to be implemented to not only perform their job securely but also to ensure they do not introduce new vulnerabilities into your enterprise. Application deployments must consider correct protection of data (at rest and in transit), authentication and authorization, secure connection management, and input filtering. Human Element has helped customers securely implement a myriad of applications, including point-of-sale solutions, financial applications, healthcare data bases, and specialized web-based applications.

 

Business Continuity and Disaster Recovery

Your BCP/DR program should be based on a risk management approach that ensures your most critical assets are protected based on their value to your business. Human Element will enable your organization to take the rights steps to restore critical operational activities, manage communications, maintain system integrity, and minimize adverse impacts of a security incident, disaster, business disruption, or other major event.

 

Vulnerability Management

Vulnerabilities are caused by poorly configured systems and devices, ineffective configuration management & change control, and inadequately maintained software. All systems at all layers have hidden vulnerabilities that can put the system and enterprise at risk. Typically the manufacturers of software will issue patches from time to time to address newly exposed vulnerabilities. The major problem is that most organizations do not apply the necessary patches in a timely manner if at all. Human Element has assisted many clients to deploy and maintain a robust program to ensure that vulnerabilities are mitigated in a timely manner and security personnel maintain situational awareness of their enterprise assets.

 

Intrusion Detection

Before you can select and deploy tools for intrusion detection, you need an intrusion detection strategy. How do you know what to look for and where to look? The solution, of course, is based on your understanding of your risk. The alligator closets to the tent? Of course. Human Element has extensive experience selecting, deploying and tuning intrusion detection solutions. We'll help you with your strategy and your deployment. Your program should not only address network event detection but also log collection and analysis as well as human event detection (see our Human-Based Cyber Defense page) and it must dovetail with your incident handling and response capability.

 

Asset and Data Security

Human Element will help you ensure proper protection of your critical assets by addressing each phase of the data life cycle. We'll guide you through the process of classifying your data and the trade-off and selection of the appropriate controls, handling procedures, retention, and disposal solutions.

 

Human-Based Cyber Defense

Your human assets need to be tracked and managed just like your IT assets. See more about our Human-Based Cyber Defense solutions.

 

Security Operations

In addition to Network Operations discussed above, Human Element can help you design and implement a comprehensive Security Operations program. This will provide you with policies, processes, staff and tools to implement an end-to-end capability to manage your security risks. Human Element will ensure your program is based on the appropriate regulatory and business drivers so you can deploy the right policies, access controls, security architectures, secure applications, asset protections and interact with your workplace staff in a positive manner. We'll ensure your program addresses logging and monitoring activities, provisioning of resources, investigations support, incident management, patch and vulnerability management, change management, business continuity and recovery strategies and tactics.

 

 

Call us to learn more: 1-888-987-SECURE (7328)

 

 

Meeting The Need For Security

Our experience spans diverse environments including manufacturing, retail, healthcare, financial, education, and insurance, as well as federal, state and local government agencies.

Call Us Today: 1-888-987-7328



Some Of Our Many Satisfied Customers:


Representative sample of security clients for Human Element