|
|
|
|
Strategy
|
|
|
|
|
 |
Security Management Process Flow
| Identity Management
Profile manageement for users, devices and resources on the corporate information infrastructure.
| Identification & Authentication
Identification will establish who is trying to use an infrastructure component (user, device, resource), where authentication will verify the identity and allow access to the information infrastructure component.
|
| Authorization / Access Control
As a part of the identity management, a defined (user, device, resource) profile will define access to a specific component of the information infrastructure. Therefore, after the authentication, a specific (user, device, resource) profile is assigned to determine access rights to information infrastructure.
|
|
|
|
|
|
|
| Data Protection (Encryption, DS, DW & Steganography)
Information protection applied trhough encryption, digital signatures, digital watermarking and steganography for a specific information classification. This encompasses both stored information and information in transit.
|
|
|
|
| Perimeter Network, Content Filtering & Intrusion Detection
Perimeter network was introduced by connecting corporations to the Internet. Special attention is given to the perimeter protection, which is making its way into intranets today. It encompasses firewalls, intrusion detection systems, and content filtering (web, mail, ftp and virus).
|
|
|
|
|
|
| Centralized Audit Log Management
All information infrastructure components and security systems generate log information. To properly analyze and correlate events, audit log information is collected and analyzed (reports generated) centrally.
|
|
|
|
|
| Information Security Management
Enables information security professionals to manage security components (identity, data protection, perimeter, audit log, information value and BRP) from a centralized location. The security management also encompasses alerts, escalation procedures and automated prevenetion, detection and forensic action.
|
|
| Business Resumption / Disaster Recovery Process Presents rocedures and technical processes to establish information infrastructure disaster recovery procedures to ensure defined business resumption process. |
|
|
|
|
|
| Business Process & Information Value / Classification To properly protect information resources, information value (strictly confidential, confidential, partner, public) and information owners should be defined and managed through information security management. |
|
|
|
| Information Technology Management
A set of tools or (as vendors call it) a framework to manage information technology, where information security management is one of the managed components.
|
|
 |
Risk Management Process Flow
|
|
| Security Infrastructure
Information security tools configuration and audit log information collected for the IT audit.
|
|
|
|
|
|
|
|
|
| Information Infrastructure
Information infrastructure (network, data, OS and Application) log information with vulnerabilities and threat data collected for the IT audit.
|
|
|
|
|
|
|
|
|
| Business Process
Business process and information flow analysis with zonning of the information infrastructure performed for the IT audit.
|
|
|
|
|
|
|
|
|
Information Value /
Classification
To properly analyze the information infrastructure, information value (strictly confidential, confidential, partner, public) and information owners should be defined.
|
|
|
|
|
|
|
|
| Audit
Summary and analysis of the information collected from multiple resources to deliver the IT audit. This encompasses all information infrastructure components and business process which utilizes corporate infrastructure.
|
|
|
|
|
|
|
Information
Security Model™
Scienton patent pending security model according to which information is modeled for the risk analysis and risk compliance calculations.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Information Security Strategy
Risk analysis and information modeled utilizing Scienton ISM™ together with client defined business parameters will define short and long term information security implementation strategy.
|
|
|
| Risk Compliance - Industry Vertical Average
Scienton experience within industry verticals (financial, insurance & health) and Scienton model enables compliance calculations within industry vertical. This measurement provides CIOs with ability to understand where they are compared to their industry vertical competitors and peers.
|
|
|
| Risk Compliance - Industry Standards & Legislations
Scienton Information Security Model™ provides for calculations of compliance to government legislations and standards such as BS7799 and ISO 7498-2.
|
|
|
| Risk Analysis
Risk analysis using ISM™ processed information. The model facilitates recognized NSA, NIST, CSI formulas and methodologies.
|
|
|
|
|
|
|
|
|
|
|
|
 |
Smart Information Management Flow
| Artificial Intelligence Engine
Neural network system learned to control actions of the information management system for the security management system utilizing CRM or workflow engines.
|
|
|
|
|
|
| Security Management
Information security management system interacts with information management system directly or indirectly passing the information to smart engine to determine actions utilizing CRM or workflow engines.
|
|
|
| Customer Relation Management
Customer relation management system facilitates the actions of the smart management system.
|
|
|
| Job Workflow
Workflow engine developed to facilitate neural engine actions on information management system for the information security management.
|
|
|
|
|
|
|
| Information Management Systems
Management system or a framework to manage and enable control of the corporate information infrastructure.
|
|
|
|
|
|
home |
about us | strategy |
products | services |
partners | contact |
privacy statement |
Copyright © 2006-2007 Scienton Technologies Inc. All Rights Reserved.
|
|
|
|
|
|
|
News & Events |
May 2007
Scienton commences implementation of the Risk Cube® software with a prominent government institution. March 2007
Scienton closes another client for our industry leading compliance metrics software Risk Cube®. Febuary 2007
Our professionals oversee several Canadian Health Information projects. January 2007
Scienton founded 2highC, a sister company devoted to the distribution and development of Risk Cube®. |
|
|
Contact Us |
111 Peter St., Suite 407
Toronto, Ontario M5V 2H1
|
|
| Tel: |
416 - 924 - 4393 |
| Fax: |
416 - 924 - 1810 |
| Toll Free: |
| 1 - 866 - |
M | D | L | | R | I | S | K |
| 1 - 866 - |
6 | 3 | 5 | - | 7 | 4 | 7 | 5 |
|
| e-mail: |
info@scienton.com |
|
|
|
| |
|
|
|
